No category

Download Icon - To Daim

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

Transcript

Privacy in Location aware Systems for
Social Interaction
Per Anton Gransæther
Master of Science in Computer Science
Submission date: June 2008
Supervisor:
John Krogstie, IDI
Co-supervisor:
Anders Kofod-Petersen, IDI
Norwegian University of Science and Technology
Department of Computer and Information Science
Problem Description
One of the main assumptions in both the current trend in digital social interaction, such as instant
messaging, linkin and Facebook is that users gain something beneficial without loosing, among
others privacy. The ability to be always available is of particular interest in the emerging fields of
Pervasive Computing and Ambient Intelligence.
This project aims at investigating how users' social interaction is affected when mediated by
technology that allows users to be constantly available. We aim at investigating this by
implementing a simple context sensitive messaging service in the Wireless Trondheim
environment, and do empirical testing with a population of students equipped with wireless
devices and the developed application.
Assignment given: 15. January 2008
Supervisor: John Krogstie, IDI
Abstract
Social network services like Facebook, and instant messaging services like MSN Messenger have
gained an enormous popularity in just a few years, and are undoubtedly popular among users.
What happens when these networks are combined with information about the user’s location?
This master’s thesis has investigated if people are willing to use systems that share the users’
location for the purpose of locating friends. It is also investigated if users’ of systems that shares
their location behave in a different ways as a consequence of this location sharing. Finally, this
thesis investigated if users of location sharing systems will get the feeling of loosing their personal
privacy, and how privacy mechanisms can help the users not to get this feeling.
These questions were investigated by developing a location-tracking social network service
called The FriendRadar, which was developed for usage in Wireless Trondheim. Pupils from
Trondheim Katedralskole were equipped with wireless devices to test the system in the
environment. The logged data of the system was analysed and the users answered a questionnaire
after the test period was completed. One user also participated in an interview.
The results of these investigations show that the users did not use The FriendRadar very much,
but according to the users answer to the questionnaire it seems that users are willing to use systems
that share their location with others, if the benefit is that they can locate them back. It also indicates
that the users do act in different ways because of the possibility to share their location. Users seem
to use the fact that others can see their location deliberately to tell other their locations, but they do
not avoid doing any actions. Further, it seems like spontaneous actions possibly can happen as a
consequence of users seeing other’s location. Users of the system did not show concerns about
privacy while using the system, but they could imagine this being a problem in a system with larger
user mass. The most important privacy mechanisms for a future location-tracking systems, seems to
be able to turn the system off and reciprocity in location sharing.
Together these results shows that if the right amount of privacy mechanisms are implemented to
a location-tracking system, the system can both be privacy preserving and useful for the users.
i
ii
Preface
This master’s thesis is the completion of my Master of Science degree at the at the Information
Systems Group of the Department of Computer and Information Science (IDI) at the Norwegian
University of Science and Technology (NTNU).
I would like to thank my co-supervisor Anders Kofod-Petersen who has been of great help
throughout the work with this master’s thesis. Supervisor John Krogstie has also always contributed
when needed. Fellow student Gunhild Giff Bye deserves thanks for the cooperation with the
development of the systems and other research. Accenture must also be mentioned, for lending me
the laptop computer this master’s thesis was written on.
Finally, I would like to thank teacher Aslak Bjerkvik and his pupils at Trondheim Katedralskole
for participating as test persons. Their cooperation made the experiment easy to perform.
Trondheim 10. June 2008
Per Anton Gransæther
iii
iv
Table of contents
1
2
Introduction ................................................................................................................................................................... 1
1.1
Background and motivation ................................................................................................................................... 1
1.2
Report outline ......................................................................................................................................................... 1
Research agenda ............................................................................................................................................................ 3
2.1
Research questions ................................................................................................................................................. 3
2.2
Preparations ........................................................................................................................................................... 3
2.3
Research methods ................................................................................................................................................... 4
2.3.1 Analysis of recorded data................................................................................................................................... 4
2.3.2 Observational study............................................................................................................................................ 5
2.3.3 Questionnaire ..................................................................................................................................................... 5
2.3.4 Interview............................................................................................................................................................. 6
3
State of the art................................................................................................................................................................ 9
3.1
Social network services .......................................................................................................................................... 9
3.2
Ubiquitous Computing............................................................................................................................................ 9
3.2.1 Ubiquitous Computing and Ambient Intelligence ............................................................................................ 9
3.2.2 Context in Ubiquitous Computing................................................................................................................... 10
3.3
Behaviour of the user and usage patterns in location-based services ................................................................ 11
3.4
Privacy in P3 systems and social network services............................................................................................. 12
3.5
Wireless Trondheim.............................................................................................................................................. 17
3.5.1 Geographical Position Service......................................................................................................................... 18
3.6
Existing systems .................................................................................................................................................... 19
3.6.1 FindMyFriends................................................................................................................................................. 19
3.6.2 mBuddy ............................................................................................................................................................ 20
3.6.3 Navizon ............................................................................................................................................................ 21
4
5
Preliminary study ........................................................................................................................................................ 25
4.1
Research and results............................................................................................................................................. 25
4.2
Conclusions from the FindMyFriends research .................................................................................................. 27
4.3
Further work suggested in the FindMyFriends research.................................................................................... 27
Design and implementation........................................................................................................................................ 29
5.1
Overall functional requirements .......................................................................................................................... 29
5.1.1 Basic requirements ........................................................................................................................................... 29
5.1.2 Location requirements...................................................................................................................................... 29
5.1.3 Privacy mechanisms......................................................................................................................................... 29
5.2
Architecture and implementation ......................................................................................................................... 30
5.2.1 The database..................................................................................................................................................... 30
5.2.2 The FriendRadar component ........................................................................................................................... 31
5.2.3 Implementation of the JSP pages..................................................................................................................... 34
5.3
Privacy mechanisms in The FriendRadar............................................................................................................ 36
5.3.1 Plausible deniability......................................................................................................................................... 36
5.3.2 Friend based privacy settings........................................................................................................................... 36
5.3.3 Proximity.......................................................................................................................................................... 36
v
5.3.4
5.3.5
5.3.6
5.3.7
6
Positioning reciprocity ..................................................................................................................................... 36
Minimal configuration and standard settings .................................................................................................. 37
Grouping of friends.......................................................................................................................................... 37
Feedback when localised ................................................................................................................................. 37
Results ........................................................................................................................................................................... 39
6.1
Analysis of logged data ........................................................................................................................................ 39
6.1.1 User information .............................................................................................................................................. 40
6.1.2 The user’s usage of the system ........................................................................................................................ 40
6.1.3 Friends .............................................................................................................................................................. 44
6.1.4 Messages .......................................................................................................................................................... 45
6.2
Questionnaire ....................................................................................................................................................... 45
6.2.1 Participants ....................................................................................................................................................... 45
6.2.2 Usage of the iPods............................................................................................................................................ 47
6.2.3 Usage of The FriendRadar ............................................................................................................................... 50
6.2.4 The FriendRadar’s influence to its users ......................................................................................................... 57
6.2.5 The users’ privacy feeling in The FriendRadar and the need of privacy mechanisms................................... 57
6.3
7
The interview ........................................................................................................................................................ 66
Discussion ..................................................................................................................................................................... 71
7.1
The research ......................................................................................................................................................... 71
7.2
RQ-1...................................................................................................................................................................... 72
7.3
RQ-2...................................................................................................................................................................... 75
7.3.1 RQ-2.1 .............................................................................................................................................................. 76
7.3.2 RQ-2.2 .............................................................................................................................................................. 77
8
7.4
RQ-3...................................................................................................................................................................... 78
7.5
RQ-4...................................................................................................................................................................... 81
7.6
Threats to validity................................................................................................................................................. 84
Conclusions and further work ................................................................................................................................... 87
8.1
Conclusions........................................................................................................................................................... 87
8.2
Further work......................................................................................................................................................... 88
Bibliography.......................................................................................................................................................................... 89
Appendix A – The questionnaire ...................................................................................................................................... A-1
Questionnaire....................................................................................................................................................................A-1
Results from questionnaire ...............................................................................................................................................A-6
Appendix B - The interview template .............................................................................................................................. B-1
Appendix C – The FriendRadar user manual ................................................................................................................ B-1
vi
List of figures
Figure 3.1: Coverage of Wireless Trondheim ..............................................................................................18
Figure 3.2: Response from GeoPos................................................................................................................19
Figure 3.3: The map from a terminal (Picture: Accenture) ........................................................................20
Figure 3.4: The tag used for positioning.......................................................................................................20
Figure 3.5: WAP interface of mBuddy (mBuddy 2007)..............................................................................21
Figure 3.6: Navizon pizza search (Navizon 2007).......................................................................................22
Figure 3.7: Navizon Buddy Finder (Navizon 2007). ...................................................................................22
Figure 5.1: Overall structure of The FriendRadar .......................................................................................30
Figure 5.2: Database model for The FriendRadar .......................................................................................31
Figure 5.3: The architecture of The FriendRadar component....................................................................32
Figure 5.4: Successful login ............................................................................................................................33
Figure 5.5: Log in screen of The FriendRadar..............................................................................................34
Figure 5.6: The map on The FriendRadar ....................................................................................................34
Figure 5.7: Eva's profile page .........................................................................................................................35
Figure 6.1: Gender distribution of the users ................................................................................................40
Figure 6.2: Number of logins to The FriendRadar ......................................................................................41
Figure 6.3: Number of logins based on gender ...........................................................................................42
Figure 6.4: Number of times located and times connected to WT based on gender..............................43
Figure 6.5: The users’ movements when logged on simultaneously .......................................................44
Figure 6.6: Friend requests and actual friends based on gender ..............................................................45
Figure 6.7: Times the participants has logged in to The FriendRadar. ....................................................46
Figure 6.8: Friends and log in frequency on Facebook...............................................................................47
Figure 6.9: Difficulty the users had in using the iPod ................................................................................48
Figure 6.10: Difficulty the users had in using the iPod based on gender ................................................49
Figure 6.11: Tried and managed to connect to Wireless Trondheim .......................................................50
Figure 6.12: Managed to connect to Wireless Trondheim based on times tried.....................................50
Figure 6.13: How many times the users logged in to The FriendRadar from the iPod and from a
regular computer .............................................................................................................................................51
Figure 6.14: Friends in The FriendRadar......................................................................................................51
Figure 6.15: The numbers of times users has logged in to check their friends location ........................52
Figure 6.16: Have users seen some of their friends on the map?..............................................................53
Figure 6.17: Will the participants use a similar system? ............................................................................54
Figure 6.18: Facebook importance based on interest in a future system .................................................54
Figure 6.19: MSN or Facebook like system ..................................................................................................55
Figure 6.20: MSN or Facebook preference distributed in gender and usage of Facebook....................56
Figure 6.21: Would the system be used more or less if users could see friends’ position regardless of
network .............................................................................................................................................................58
Figure 6.22: Various questions based on if the system would be used more or less if the user's
friends could be positioned regardless of the user's network...................................................................58
Figure 6.23: How many users that would use a lie functionality .............................................................60
Figure 6.24: Would you use the system more or less if you could be located independent on
network? ...........................................................................................................................................................61
Figure 6.25: Crosstab between use the system more or less if located everywhere and locate without
connected to Wireless Trondheim.................................................................................................................61
Figure 6.26: Gender and how many times the users that would use the system less, more or the
same have logged in to The FriendRadar ....................................................................................................62
Figure 6.27: Allow the same friends to see you on the map? ....................................................................62
vii
Figure 6.28: If users would allow the same friends to see the map split in gender and
Facebook/MSN preference ............................................................................................................................63
Figure 6.29: Would you lie if you were located everywhere? ...................................................................64
Figure 6.30: Comparison of the 'lie' questions .............................................................................................65
Figure 6.31: Number of participants that want to use the system with and without the possibility to
turn off the positioning ...................................................................................................................................65
Figure 6.32: Combined results of thought usage with and without possibility to turning off
positioning ........................................................................................................................................................66
Figure 6.33: With or without positioning distributed on MSN/Facebook preference ..........................66
viii
List of Tables
Table 2.1: Message tags.....................................................................................................................................5
Table 2.2: Connection between research questions and questions on the questionnaire........................5
Table 4.1: Interviewees’ attitude towards privacy mechanisms in FindMyFriends ..............................26
Table 4.2: Interviewees’ attitude towards privacy mechanisms in city-scale system ............................26
Table 5.1: Database schema for The FriendRadar.......................................................................................31
Table 6.1: Statistics per user in The FriendRadar ........................................................................................39
Table 6.2: Statistics of logins, times located and connections to Wireless Trondheim ..........................40
Table 6.3: Users that were connected to Wireless Trondheim at the same time.....................................43
Table 6.4: Messages sent in The FriendRadar..............................................................................................45
Table 6.5: What is Facebook used for?..........................................................................................................47
Table 6.6: How much the participants have used the iPod .......................................................................47
Table 6.7: Activities the iPod was used for ..................................................................................................48
ix
x
1
Introduction
This introduction first presents the background and the motivation for this master’s thesis followed
by the report outline.
1.1
Background and motivation
Social network services on the Internet, such as Facebook and MSN have gained enormous
popularity in the later years. As new technology makes it possible to cover entire cities with
wireless Internet access and as mobile devices such as mobile phones that can exploit these wireless
networks become more widespread, such social network services will naturally migrate to mobile
devices. These services will probably include some context sensitive information, with the users'
location as the most interesting. This will make the users of social network services more available
to each other than ever before. This makes it interesting to investigate how users and their social
groups react to an environment where the users' position is constantly available to the other users.
It is also interesting to see if people really want to use applications that reveal their position to
friends and family. Another important aspect with services where users can locate each other is
how users feel about their own personal privacy in such services, and how privacy mechanisms can
help users keep their personal privacy.
This master’s thesis is a continuation on a project written in the autumn of 2007 which
investigated the same questions as this master’s thesis. The questions was investigated using
FindMyFriends, which was a system implemented on the student house Samfundet in Trondheim.
The users of FindMyFriends were able to locate friends currently being on Samfundet. The study
indicates that users behave in a different way as a consequence of that they can see the location of
their friends. To some extent they also behave different because they know that others possibly
know where they are located. Further, the study proposes that people are not too concerned about
privacy in FindMyFriends, but that this probably will be a much larger problem in a system used in
a city environment. Following this, it is clear that some privacy mechanisms are absolutely
necessary for the system to be useful for the users. The most important mechanisms pointed out in
the study, is the possibility to turn the system on and off, preferably in a way that offers the users
plausible deniability. The study further indicates that people seems to be interested in using a
system that have functionality for locating friends in Wireless Trondheim.
1.2
Report outline
This master’s thesis is divided in eight chapters and three appendices.
Chapter 1 – Introduction
This chapter presents an introduction to the study, including background and motivation and the
report outline
Chapter 2 – Research agenda
The research agenda presents the research questions and the research methods used to investigate
these questions.
Chapter 3 – State of the art
This chapter presents an introduction to social network services, ubiquitous computing, behaviour
patterns in location based systems, privacy in P3 systems and social networks services, Wireless
Trondheim and existing systems that have similar functionality as The FriendRadar.
Chapter 4 – Preliminary study
The preliminary study presents the study made on FindMyFriends during the autumn 2007.
1
Chapter 5 – Design and implementation
This chapter presents how The FriendRadar are designed and implemented and which privacy
mechanisms that are implemented in the system.
Chapter 6 – Results
This chapter presents the results from the analysis of the usage of The FriendRadar, the
questionnaire and the interview.
Chapter 7 – Discussion
The discussion presents a discussion of how the research was planned followed by a discussion of
the research questions. Finally, threats to validity are discussed.
Chapter 8 – Conclusions and further work
This chapter presents a conclusion to the research questions followed by possible further work
following this master’s thesis.
2
2
Research agenda
The research agenda describes the research questions investigated through the project followed by
the preparations made before the test period. Finally, the research methods used to answer the
research questions are presented.
2.1
Research questions
Based upon the background and motivation and the problem definition, the following research
questions will be examined through this project:
RQ-1:
Are people willing to use a system with functionality for locating and interacting with their friends
and family using a mobile device connected to a wireless network?
RQ-2:
Will users of a system with functionality for locating other users behave in a different way than they
normally would?
RQ-2.1: Will a user who knows the location of other users behave in a different way than she normally
would?
RQ-2.2: Will a user who knows that other users can know her location behave in a different way than
she normally would?
RQ-3:
Do the users of social interaction systems that share context sensitive information like
location feel they are loosing their own personal privacy?
RQ-4:
How can privacy mechanisms be used to help the users of context sensitive systems for social
interaction not to loose their personal privacy?
2.2
Preparations
This section will present the necessary preparation that was done before the test period could start.
The most important preparation of the test period was of course to implement the system The
FriendRadar, called ‘Venneradaren’ in Norwegian. The system is implemented for this experiment
only, and therefore it could be tailor made to fit the needs of the experiment. The design and
implementation of The FriendRadar is described in Chapter 5.
The experiment with The FriendRadar was coordinated with another student, which also needed
test subjects equipped with mobile devices connected to Wireless Trondheim. Several options were
discussed when deciding which persons to pick as test users. The first option on the table was to use
students from NTNU to test the system. But this option was pretty early rejected, because both the
campuses of NTNU are located outside the coverage of Wireless Trondheim. This would probably
lead to that the test users rarely would be given the opportunity to use the system connected to
Wireless Trondheim. In addition, he NTNU students cannot connect to Wireless Trondheim
without having a VPN client installed on their computer, which are not possible on the iPod Touch.
When the student option disappeared, they most preferable option was to use gymnasium pupils
(16 to 19 years old) from a school located in downtown Trondheim, inside the coverage area of
Wireless Trondheim. All the employees of the municipality of Trondheim and pupils of the schools
in Trondheim have free access to Wireless Trondheim, and are therefore ideal test persons. An email was sent to the headmaster of Trondheim Katedralskole (Trondheim Cathedral School), which
is located inside the coverage area. They had a subject that was meant for pupils interested in
research, especially inside scientific studies consisting of pupils from Trondheim Katedralskole and
Adolf Øien school, which is also located within the coverage area. The teacher of this subject (Aslak
Bjerkvik) answered and said he would be interested in us using his pupils in the testing, as the
research methods was of relevance for his subject.
3
The mobile devices chosen to perform the testing on were Apple’s iPod Touch. This device was
chosen in co-operation with the co-supervisor and the other master student that would use them.
The most important requirement for the device that would be used in the testing was that it was
possible to connect to a Wi-Fi network (Wireless Trondheim). The iPod was chosen in competition
with mobile phones mainly because of its price, as they cost about half the price of a mobile phone
with the same specifications. Its large screen size (3.5 inch touch-screen) was also an important
factor when deciding for the iPod. Finally, the ‘fanciness’ of the device and the iPods’ general
popularity among youths, made it easy to choose this device. The cheapest version was chosen,
which have 8GB hard drive. More about the specifications of the iPod Touch can be read at Apples
homepage1.
At the end of the development period six employees and students from The Department of
Computer and Information Science at NTNU was equipped with an iPod each and registered in The
FriendRadar. They were released inside the coverage area of Wireless Trondheim to test The
FriendRadar, the positioning functionality, the iPods and the robustness of Wireless Trondheim.
The testing lasted about an hour with test persons both sitting still, walking around and moving
around with both bike and car.
Before the real testing could start, a user profile was created for each device, where the username
was the name of each device (which was printed on a sticker on each device). Each user profile was
connected with the relevant device’s MAC-address, so the test users did not have to do this
cumbersome work themselves. The test period started on Wednesday 23rd of April 2008, with a
presentation of the experiment and The FriendRadar for the test users. After this presentation the
users was handed the iPods together with a user guide, presented in Appendix C. The test users
was told that they could use the iPod to whatever they wanted and that they were free to choose
how much they wanted to use The FriendRadar, to get as much realism as possible.
The test period lasted for four weeks, and was completed Thursday 22nd of May 2008, when the
information about the questionnaire was sent out to the pupils.
2.3
Research methods
This section will present the research methods that will be used to investigate the research question
presented in the previous section.
2.3.1 Analysis of recorded data
This section will present which data that is logged by The FriendRadar, and how this data is
analysed.
To make it possible to analyse the users’ movements, the users’ location was saved in the
database every time a user gets located. A user was located every 30 seconds if she moved around
and every two and a half minute if the user was at the same place. If the user was not connected to
Wireless Trondheim, the system still checked the user’s location every hour, in case the user would
connect to Wireless Trondheim and not log into the system. The system also automatically saved
each message that was sent, with a timestamp. This makes it possible to retrieve the location of the
sender and the receiver when the message is sent. The content of the message was separated by the
message information as shown in Figure 5.2, which is the database model of the system, to keep the
user’s privacy. Each message had to be marked with a tag by the sender that states what kind of
message it is. The possible tags to choose among are shown in Table 2.1.
1
http://www.apple.com/ipodtouch/specs.html
4
Table 2.1: Message tags
Tag
inform
request
proposal
confirm
pos_answer
neg_answer
neu_answer
accept_proposal
reject_proposal
not_understood
Description
Information
Request
Proposal
Confirmation (only if answer to inform)
Positive answer (only if answer to request)
Negative answer (only if answer to request)
Neutral answer (only if answer to request)
Accept proposal (only if answer to proposal)
Reject proposal (only if answer to proposal)
Not understood
All the data was recorded in a way that makes it unnecessary for the analyser of the data to
couple actual users to the actions recorded. Each user will be identified with the help of an avatar,
and not their actual names. This makes it possible to identify specific users in the data without
knowing who they actually are.
The recorded data will be used to see how the behaviour of the users is affected by actions by
other users of the system. The data will make it possible to see if an action performed by a user
affects the actions of other users. For instance if user A sends a message to user B, it is naturally to
assume that user B will answer with another action. This can be controlled using the recorded data.
2.3.2 Observational study
An observational study was planned, where one or two users would be followed for a couple of
hours to see how they used the system. As it become apparent that the users did not use the system
very much, the field study was cancelled.
2.3.3
Questionnaire
When the test period was completed, the test persons’ teacher was asked to send out information
about an online-questionnaire about the two systems (The FriendRadar and the other student’s
@School) the pupils had been testing. The questionnaire consisted of three parts. First, a part where
the participants was asked general questions that was interesting for both systems and that together
made a set of background information about the users. The second part consisted of questions about
The FriendRadar. The questions of this part were developed with this master’s thesis’s research
questions as background. Table 2.2 shows which research questions each question in the
questionnaire are based on. Some questions are relevant for two or more research questions, but are
in the table connected with the research question it is most relevant for. The questions of the two
first parts of the questionnaire are presented in Appendix A – The questionnaire. The questionnaire
was written in Norwegian, and the questions are therefore translated to English. The third and final
part of the questionnaire consisted of questions relevant to the other system, and are not a part of
this master’s thesis.
Table 2.2: Connection between research questions and questions on the questionnaire
Research question
Background information
RQ1
RQ2.1
RQ2.2
RQ3
RQ4
Questions from questionnaire
1-21
22, 23, 25-32, 49-52, 57
33-38
41-44
40, 46-48, 53-54
24, 45, 46, 55, 56, 58, 59
5
The usages of an online questionnaire, which is classified as a self-administrated survey, have
both advantages and disadvantages (Robson 2002). Advantages of a self-administrated survey is
that they are a very easy way of retrieving information from a large set of people, and it is an
efficient way of getting a large amount of data at low cost and in a short period of time. Further, an
online questionnaire preserves the anonymity of the participants, which encourages a high level of
frankness. Some disadvantages are that data are affected by the participants’ memory, experience,
motivation and personality, the questionnaire might suffer from a low response rate and the sample
may not be representative. Further, it can be very difficult to see if the questions are ambiguous, and
misunderstandings of the question may not be noticed. Finally, the participants may not answer the
questions seriously, which is also difficult to detect (Robson 2002).
The questionnaire was produced with consideration to the disadvantages of this type of survey.
To reduce the problem of low sample rate, the questionnaire was tried to be made as short as
possible with short and simple questions. The two projects (this and @School) questions was
merged into one questionnaire, such as the users only had to answer one questionnaire. As a
consequence, the questionnaire became longer, but in total the users had to answer fewer questions
because both questionnaires had some similar questions. In the e-mail the teacher sent to the pupils,
it was explained that the questionnaire would take maximum ten minutes to complete. It was also
explained that a gift coupon (300 NOK) would be given to one lucky winner among the
respondents. The questionnaire was open for five days (22nd May to 26th May), and a reminder email was sent near the end of the period. To avoid the rest of the disadvantages, some simple rules
taken from Robson (2002) were followed. The language of the questions was simple, the questions
were short and great care was taken with sentence structure to remove ambiguity. Leading
questions and double-barrelled questions; questions that ask two questions at once, were tried to be
avoided. The response alternatives was produced with care, as they were tried to be made accurate,
exhaustive, mutually exclusive and kept in a single dimension (Robson 2002).
2.3.4 Interview
Interview was chosen to add more depth to the results from the questionnaire. In the e-mail the
teacher sent out to his pupils about the questionnaire, he also asked if any of them could be
interviewed about The FriendRadar. It was explained that it only would take about 20 minutes, that
the interview was totally anonymous and that the interview would take place at their school. Two
of the pupils answered that they would be interviewed. The interviews were scheduled at their
school during a school period with ten minutes interval between the interviewees on 27th of May
2008. The second interviewee did never show up, so only one of them was interviewed. The
interview was voice-recorded, and the purpose of the interview and the interviewee’s anonymity
was carefully described before the interview started.
The interviews followed the semi-structured form described in Oates (2006). This means that a
template is followed, but the interviewer can rearrange the order of the questions depending on
how the conversation develops, and new questions can be added when interesting subjects arise.
The template followed in the interviews is presented in Appendix B. The questions asked in the
interview are produced with the research questions presented above in mind. Great care was also
taken in making the questions in such a way that complements the answers from the questionnaire.
Interviews as a research method has several advantages and disadvantages as described in Oates
(2006). The main advantage is that they are good at dealing with topics in depth and detail. Some
other advantages is that little equipment is needed and the researcher can check if the person
answering is the right one for answering the questions and they have a flexible form. Disadvantages
mentioned are that interviews are time consuming for the researcher and interviews requires good
social skills from the researcher. The setting is artificial and the interviewees know they are
speaking for the record, and a false impression can be given from that. There is also a possibility
6
that they can be misleading because the participants only say what they remember and think they
did, which not always corresponds with reality. In this case however the most interesting part is
what the participants think, and not what they did. Therefore this is more of an advantage than a
disadvantage.
7
8
3
State of the art
The State of the art will start by describing social network services followed by a description of
ubiquitous computing. Further, relevant literature about the behaviour of users in location-based
services and privacy in P3 systems and social network services are presented. Finally, the
environment of Wireless Trondheim is presented followed by a presentation of similar systems as
The FriendRadar. Some parts of this chapter is retrieved form the preliminary study, as these two
studies treats the same topics. This master’s thesis presents the topics both deeper and broader than
the preliminary study, however.
3.1
Social network services
Web 2.0 is the second generation of the World Wide Web. The main difference from early web sites
to Web 2.0 are that user participation is emphasised using dynamic websites, instead of just using
the web as a tool to publish static content. User can not only download and read information from
the web, they can also publish and upload text, pictures, videos and etcetera to the web (O'Reilly
2005). Examples of Web 2.0 services are social network services like Facebook and wikis like
Wikipedia.
Social network services have reached an enormous popularity the last couple of years. Examples
of such networks are Facebook2, MySpace3, LinkedIn4 and Last.fm5 together with hundreds of
others6. Common for all these networks are that users can search for other users and connect to
them as friends or contacts. Often the networks offer some kind of media sharing among friends.
According to statistics presented on the Facebook website, Facebook have more that 70 million
active users. Up to 2008, an average of 250,000 new users registers every day, and the number of
users was doubled every 6 months. It is the sixth-most trafficked site in the United States. Facebook
is the number one photo sharing application on the web with 14 millions photos uploaded daily.
These statistics give some indication of the massive popularity such networks has.
3.2
Ubiquitous Computing
This section will first introduce the concepts of ubiquitous computing and ambient intelligence
followed by a description of what context means in ubiquitous computing.
3.2.1 Ubiquitous Computing and Ambient Intelligence
The term Ubiquitous Computing was introduced by Mark Weiser early in the 1990s. The term literally
means computers that are everywhere, which are very describing. In “Hot-topics: Ubiquitous
Computing” (Weiser 1993), he describes ubiquitous computing as a network of fully connected
devices which make information available to the user, virtually invisible, in the everyday visible
world. He describes a world where you do not need to carry a PDA, since all the information you
need will be available on devices in the physical environment surrounding you. He further
imagines that a normal office in the future will have hundreds of little displays, replacing post-it
notes, working papers, wall posting and so on (Weiser 1993). Weiser’s vision has not yet fully come
true, but the term ubiquitous computing is fully alive. Ubiquitous computing covers a wide spectre
of computers embedded in everyday devices (cars, refrigerators etc.), but also mobile computers
http://facebook.com
http://myspace.com
4 http://linkedin.com
5 http://last.fm
6 See a list at http://en.wikipedia.org/wiki/Social_network_service
2
3
9
like mobile phones and mp3 players connected with wireless networks. Internet has become an
important part of ubiquitous computing as it is the network that connects these computers together.
Ubiquitous computing, pervasive computing and ambient intelligence have often been used
synonymously. One can say that pervasive and ubiquitous computing actually are synonyms. For
instance, if you search for ‘Pervasive computing’ on Wikipedia, you are automatically redirected to
the article about ubiquitous computing. Ambient intelligence however, refers to an environment
where ubiquitous computing is implemented. The environment consists of a number of embedded,
therefore hidden computers that are sensitive, adaptive and responsive to the presence of people
and objects in the environment. This environment assists the user in performing her activities in a
non-explicit and smart way. While utilizing the information from the environment, privacy, security
and trustworthiness are preserved (Weber, Rabaey et al. 2005).
3.2.2 Context in Ubiquitous Computing
Context in ubiquitous computing is the situation the user is in when she interacts with the
computer. The context can consist of information about the position, the identity and the state of
people, groups, computer devices and physical objects. Context is often used for devices to make
decisions for a user depending on the situation the user and her device find themselves in (Dey,
Abowd et al. 2001). In the case of The FriendRadar, the important context information is the
position of the user.
Location-based services (LBS) are “any service that takes into account the geographical location of an
entity” (Junglas and Watson 2008). An entity is either human or non-human. It is distinguished
between location-tracking services and position-aware services. Location-tracking services give
information about a user’s location to other entities using the system. Position-aware services on the
other hand, are aware of the user’s location, but do not share it to other entities. It simply uses the
knowledge of the user’s location to provide the user with useful information concerning this
particular location. The FriendRadar and FindMyFriends are typical location tracking services, and
a service providing tourist information automatically to a user depending on her location is a
typical position-aware service.
Systems that link people-to-people-to-geographical-places are called P3 systems by Jones and
Grandhi (2005). Since LBS’s uses the term entity which is both human and non-human, one can say
that a P3 system is the type of LBS’s concerning linking people to geographical places. The term P3
system will be used in this work, because it is considered more precise. Jones and Grandhi’s article
“P3 systems: Putting the Place back into Social Networks” presents a conceptual framework of P3
systems, which splits P3 systems into two groups, people-centred and place-centred (Jones and
Grandhi 2005). People-centred systems are systems that either use absolute positioning or
collocation/proximity. An illustration of systems that uses absolute positioning used by Jones and
Grandhi is “The Weasly clock”, taken from the universe of Harry Potter. This is a clock used by the
mother in the Weasly family. Instead of the minute- and hour hand, this clock has nine hands, one
for each of the members of the Weasly family. Instead of numerals, there are descriptions of places
where the members of the family could be. So if one of the family members is at school, his hand is
pointing at “School” on the clock. It is giving information of the absolute position of a person. With
collocation/proximity the user’s position are relative to some point, often another user. An example
can be if a user has a contact list, and all the contacts that are within a kilometre of the user are
shown in green text. Place-centred systems are systems that link virtual places to physical locations.
Further, these systems do either use physical places or matches virtual places. The authors use
another example from Harry Potter to illustrate the use of physical places. “The Marauder’s Map” is a
map that shows every detail of the wizard school Hogwarts. Inside the map there are many small
dots with names on that are moving around. These dots show where every single person currently
inside the school area are located (Jones and Grandhi 2005). The map is very similar to The
FriendRadar, which therefore is categorised as a place-centred system. Further, P3 systems can be
10
either synchronous or asynchronous in terms of communication and location awareness. In The
FriendRadar there is synchronous location awareness because one can only see the current location
of the users. The communication however, is asynchronous; one can send a message to the other
users, which are possible to read at any point after it is sent.
Grandhi, Jones et al., (2005) presents a survey executed at various places in Manhattan, with
more than 500 participants. 84% of the participants were willing to share their location data
(anonymously) to get information about crowding and occupancy in public places like restaurants
or train stations. 77% were willing to let others know their current location in public and semipublic places; 69% to family and friends, 32% with colleagues and 17% with strangers. It is
concluded that the survey suggest that a large proportion of the population considers P3 system
sufficiently beneficial to let services collect their position data (Grandhi, Jones et al. 2005).
3.3
Behaviour of the user and usage patterns in location-based services
Not much research has been done on how users’ behaviour is affected by location-based services.
Colbert (2001) focuses the study on how rendezvousing is planned and performed. It shows that a
rendezvous frequently does not occur exactly as planned. A rendezvous is any meeting with other
people at an agreed time and place. Several tasks must be performed for a rendezvous to be
successful; re-planning the rendezvous, seeking information about how to get to the meeting point
(both travel and geographical), seeking information about other rendezvousers and about the
activities following the rendezvous and communicating with other rendezvousers. Outcomes of a
rendezvous are the additional stress and lost opportunities associated with the attempts to meet an
agreed time and place. Mobile phones have made these outcomes less obvious, and Colbert (2001)
presents a study on how a mobile device with a location-based service can make these outcomes
even less obvious. It shows that 176 of the 415 rendezvous made by the participants in the study
were problematic. About 30% of the rendezvous were performed without any kind of
communication, and 44% was performed with a single communication. The rest was performed
with more that one communication. The most important reason for an unsuccessful rendezvous was
problems with the travel (traffic, delayed trains etc.), followed by overrun previous activity. The
author states that the current mobile devices (2001) are not satisfactory to help rendezvousers to
meet. He stresses that position-aware communication (sharing locations with others) would have
solved many of the problems found in the study. Further, the study suggests that position
information alone is likely to be informative. Finally, he shares some thoughts on how a locationtracking system would change the way the users behave during a rendezvous. He presents two
examples, one where a mother does not know whether the father has picked their kids up at school
or not. If she could see the location of the father (or even the kids), she would have known that the
kids where picked up, and on their way home. Therefore she could drive home instead of stressing
to the school to check. Another example is that if a user know she is early for a rendezvous with her
boyfriend, she would probably be more willing to spontaneously pop into a shop while waiting,
assuming that her boyfriend will know her location when he arrives. In this example, the
rendezvousers are taking a higher risk, which can lead to new problems (Colbert 2001).
A recent study (Barkhuus, Brown et al. 2008)of the users behaviour when using Connecto, a
mobile phone application that displays context and location information among small groups of
friends, show that a P3 system can change the way users communicate with each other. Connecto is
designed and tested especially for getting an understanding how location awareness would work
within a peer-group of friends. Connecto has a friend list which shows the friends’ name, location
and ring profile. The location is obtained automatically by GSM cell towers and GSM cell
fingerprints. Cell fingerprints means that each user couples an actual location (relative to up to
seven cell towers) with a location name of their own choice. This location name could be
geographical labels, place names, activities and hybrids of all these. Examples are ‘home’, ‘working’
and ‘Amsterdam’. If users are outside a registered fingerprint location, their last location is shown
11
with the time since last seen there. Users could also choose to set their location manually, that is
write anything they would like in the location field independent of their actual location. Their ring
profile could either represent their current phone profile or any text of free choice could be written
there. The study of the users’ behaviour using Connecto, shows that the information was shared as
story telling. The place name was mostly the user’s location and the profile was mostly the user’s
activity. The authors propose the possibility to manually name a location as the biggest factor
behind Connecto’s success, as this is more interesting and telling more of a story to a friend that
their actual location. Users reported to check their phone constantly to see what their friends were
up to. This awareness of others location and activities made people do actions spontaneously. A
user reported that he used Connecto to show his friends that he was at the shooting club, and that
he hoped the others would come and join him. Two of his friends actually did join him. Users also
reported not to call a friend when the friend was in some known locations. Users also reported
more behaviour as a consequence of that they could see other’s location; one user said he saw his
roommate at home and asked him start preparing the dinner, a couple reported episodes where one
asked her partner to pick something up on the way home after seeing the partner just left work and
a participant that commuted to work with another participant said that it was useful for him to see
when the colleague has left his home, as he knew he would show up on his house twenty minutes
later. The same user also reported that he saw his friend was late, and called him to ask what was
going on, only to realise that his friend has slept in. The past days’ labels would be used when
users actually came together. The users used the labels to find subject to talks about when they met,
for example talking about the activities of their weekend. The users were actually expected to have
seen the other’s activities, or else they could easily fall out of the group’s conversations. The study
also shows that the users wrote their labels with care. They were self-conscious of what their profile
and location was set to, even though they never could know who was watching (Barkhuus, Brown
et al. 2008).
3.4
Privacy in P3 systems and social network services
For the last ten to fifteen years privacy in information technology has been a very hot topic. Privacy
in ubiquitous computing has not received the same attention, but some good and important studies
exist. Langheinrich (2001) describes why privacy is particularly important in ubiquitous computing
with four properties. These are ubiquity; the computers are everywhere, invisibility; the computers
disappear from our view which makes it difficult to know whether we are interacting with a
computer or not, sensing; the sensors are becoming more accurate and can sense a more detailed
picture of the environment and memory amplification; the ability to store large amounts of data
collected from cameras and other sensors. Many of the threats of these properties are controlled by
laws, both international and national (Langheinrich 2001).
The most obvious threat to think about when talking about personal privacy and ubiquitous
computing, is the term Big Brother, described in Orwell's legendary science fiction novel “Nineteen
Eighty-Four” (Orwell 1949). All the citizens in Orwell's world are under constant surveillance by the
government, by the use of technology that is possible today. In information technology this is a
problem of two classes. The first class is the intentional tampering and misuse of applications to
find information about others that these individuals considers private. The other class of the
problem is the unintentional intrusions in others privacy because of poorly designed systems
(Bellotti and Sellen 1993). The first class is difficult to completely remove, because there will always
be criminals and persons that can not be trusted. The second class however, is a problem that can be
erased with the right design (Langheinrich 2001). In everyday life it is not the threat of a society like
the one in “Nineteen Eighty-Four”, but our interpersonal interactions that is of most concern. We as
users want to minimize embarrassment, protecting our territory and staying in control of our own
time. We want the same amount of control in virtual settings as in real life settings. In real life,
12
people can not listen to conversations in a distance or look through closed doors. These properties
are something the users are expecting of virtual settings as well (Palen and Dourish 2003).
Many of the problems in ubiquitous computing are related to the concept of mutual awareness.
A part of mutual awareness is the problems of disembodiment and dissociation. If you meet
persons in a real life setting, you can receive information in many ways including position, voice
level, face expressions and direction of gaze. In ubiquitous environments these abilities to express
yourself might be less effective. You may also have problems knowing what others are trying to
express. In real life people normally live by the intuitive principle that if I can not see you then you
can not see me. This is not always correct in ubiquitous applications. Users may no longer exactly
know what information they are conveying, in what form the information is, if the information is
permanent, who is getting the information and how they are using the information (Bellotti and
Sellen 1993).
Bellotti and Sellen (1993) present a framework for designing ubiquitous information systems that
preserve privacy with the help of feedback and control. These two issues are in the words of Bellotti
and Sellen (1993) “[Feedback and control are] fundamental to successful communication and collaboration
amongst users as well as to maintaining privacy”. By control the writers mean that the users always
must have the power to control what information they are showing about themselves and who can
see this information. By feedback they are pointing on the need users have for knowing when and
what information about them is being captured and who is getting hold of this information. In other
words, control is the possibility to edit preferences about which users that can see what information
about you, and feedback is the amount of information you receive about who is currently seeing
what information about you. The paper further present four categories you need to have control
over and get feedback about. These are capture; what kind of information is picked up, construction;
what happens to information, accessibility; is the information public, available for certain persons or
exclusive to oneself and purposes; to what use is the information put and how can it be used in the
future (Bellotti and Sellen 1993).
Later studies do also point out similar aspects of privacy management as Bellotti and Sellen's
feedback and control. Langheinrich (2001) is referring to feedback as notice, but it is basically the
same concept. He explains control as choice and consent. Jiang, Hong et al. (2002) presents The
principle of minimum asymmetry when talking about feedback and control. It says:
“A privacy-aware system should minimize the asymmetry of information between data owners and data
collectors and data users, by:
Decreasing the flow of information from data owners to data collectors and users
Increasing the flow of information from data collectors and users back to data owners”
By decreasing information flow from data owners the users gets better control over the system.
Increasing information flow from data collectors provides better feedback from the system.
Examples of privacy mechanisms that provide control by decreasing information flow are
anonymising or pseudonymising which refers to being totally anonymous or using an avatar or a
nickname respectively. Pseudonymity allows users to be recognised each time they interact in the
environment. Increasing location granularity and decreasing the rate which information about
location is sent can be used to make the information about a user’s location less accurate. (Jiang,
Hong et al. 2002). Further a self-view which shows the user exactly the same information that other
users can see about this user can be used. Plausible deniability give the user the ability to plausible
deny that she did not want to interact with that particular person at that particular time, but make
up some other excuse. If this excuse can be made ambiguous, it will have less impact on the social
relationship. For instance, when you refuse to answer a phone call when you know there is
someone you do not want to talk to that are calling, you can later make some excuse about why you
did not answer. Reciprocity is an essential property for building trust and deep relationships. If you
tell too much or too little about yourself, you are generally disliked. A relationship, both in real life
13
and in virtual life, need to have balance in the amount of information and in what kind of
information revealed to each other. In awareness applications this is managed by viewing the status
or location of others only to users which are showing their own status or location. Users of social
networks can have nearly as many relational selves as they have interpersonal relationships.
Therefore grouping of contacts, with different settings to each group, offers the users to keep better
control over what to disclose to which people (Raento and Oulasvirta 2005). To get better feedback
from the system one might log all access of the user’s position, give notification when someone asks
for the user’s position or provide clear feedback over which information that is stored (Jiang, Hong
et al. 2002). Some of the mechanisms mentioned above could be placed both as mechanisms to
improve feedback and control, which shows that they are two tight related concepts.
The article “Personal privacy through understanding and action: five pitfalls for designers” (Lederer,
Hong et al. 2004) describes feedback and control as the means a designer have to engender
understanding and action. The article describes feedback and control as “[Feedback and control is] the
designer's opportunity to empower those processes (understanding and action), and they are the user's
opportunity to practice them.” The authors uses pitfalls which they have experienced themselves as
examples of how bad privacy design can affect computer systems. The five pitfalls are split into the
two categories of understanding (feedback), pitfall 1 and 2 and action (control), pitfall 3, 4 and 5:
1. Obscuring potential information flow:
Systems must make clear what possible disclosures they can make. This include what types of
disclosure is possible, who can receive it, which media it is conveyed through, collection of meta
information and potential for unintended disclosure. Some information types of particularly
interest are personae information such as passwords and e-mails, and activity information such
as location and purchases.
2. Obscuring actual information flow:
Systems must make clear what is actually disclosed. Users must understand what information
that is conveyed and who is receiving the information. This is provided through feedback from
the system.
3. Emphasising configuration over action:
Privacy management should follow as a consequence of the users ordinary use of the system.
This means that you should not need a load of configuration of privacy settings to maintain the
desirable privacy in the system. In real life users do not explicit state which information that
should be private and which information that should not be private. They change their “privacy
settings” depending on which social setting they appear in. Research has proved that users tend
to use the default settings of a system (Palen 1999). They do not take the time to configure their
setting to fit their needs. If they actually do change the settings, they are usually too difficult to
set when it comes to privacy. Users are asked to set preferences in future and unpredictable
situations. What they think is their preferences in a particular situation do not always fit reality.
Users also easily forget which preferences they have set in the different situations.
4. Lacking coarse-grained control:
Many devices fall into the pitfall of giving a user too many choices. Often a binary on/off button
is the best solution for controlling availability. Binary buttons are something every user can
control with ease and everyone understands their meaning. Another solution might be a simple
ordinal control like the one you find on volume controls. Binary and ordinal controls are easy to
adjust and give an easy and immediate response.
5. Inhibiting existing practice:
Computer systems should try to adapt existing practices in social interactions. If they fail to do
14
so, they might fall into this pitfall. Some of the most important issues in this field are the concept
of plausible deniability. This means that the user cannot know whether the lack of response was
intentional or not. A related concept is the disclosing of ambiguous information, which as
mentioned above, can be use of pseudonyms or imprecise locations. Both of these concepts are
often more difficult to achieve as the technology gets better.
In “Location-Based Services: Back to the Future” (Bellavista, Küpper et al. 2008) a future scenario of
Location-based systems is described. The article appears to be written in 2012, and asks the
question: “What Was Wrong with First-Generation Location-Based Services?”. The authors present a
view in retrospective that describes the reasons why the first systems which share a user’s location
with others (a user or a server) did not succeed commercially. Some of the reasons described are
concerning bad user experiences following technical limitations and cumbersome user interactions.
They describe a change from reactive system interactions to proactive system interactions. This
means that the ‘new’ systems anno 2012, are automatically (proactively) initiated when some
predefined event occurs, and not explicitly (reactively) invoked by the user. Another change that
they believe was a part of the reason for the (imaginary) revolution of LBSs, was that the systems
went from single target to multi target. This is both multiple users located at once and multiple
users together with other targets. The authors main reasons for the revolution however, concerns
privacy in LBSs. The most important feature of the ‘new’ systems is user centricity. The centric
management of location data is described as the main privacy concern of the early systems. It was
not until the users managed the location data themselves, they started to trust the systems. The
location in the ‘new’ systems are retrieved by a combination of GPS, Wi-Fi positioning and
GSM/UMTS positioning. Each user saves their location locally and is therefore in complete control
of their own location information. The data is shared directly with their friends, and only when
needed and in the granularity chosen by the user. In this way the users need not to concern about
how their location data is used by a central server. The 2012 analysis, also describes the protection
from legitimate users as an important feature that helped LBSs to gain popularity. The mechanisms
used are plausible deniability, as mentioned above, and what they call reciprocal exchange of location
data. By this, the authors means that the exchange of location data must be symmetrical, which is
the same as The principle of minimal asymmetry described by Jiang, Hong et al. (2002). In this occasion,
the users are seen as both data owners and data collectors.
A survey from UC Berkeley concludes that identity of the inquirer of information is of greater
importance that the current situation of the user, when deciding which privacy setting to use in a
mobile application used for social interaction. It further concludes that designer should use identity
of the inquirer as the primary index in privacy settings and situation as the secondary index
(Lederer, Mankoff and Dey, 2003). These results are confirmed and further elaborated by a threephased survey performed on 16 non-technical participants by Intel Research Seattle. This study
concludes, as mentioned, that who the requestor of location data is, are the most important factor
when deciding to disclose the data or not. Especially their feeling towards the requestor influenced
the decision, for example one participant said she avoided her mother on purpose. People were
most willing to share their location with their significant other (disclosed location 93% of requests),
followed by friends (85%) and family (83%). They were much less willing to share location data with
co-workers (53%) and managers (34%). Two other important factors when deciding are why the
requestor want the user’s location and what level of detail would be of most interest for the
requestor. Another key finding was that participants either disclosed the location in the detail level
most useful to the requestor, or did not disclose the location at all. This means that users very rarely
disclosed less detailed location data to protect their privacy. The times they disclosed location data
with higher granularity, they did it because they thought this would be of most interest for the
requestor. This was done usually to requestors living in another state or country (that would not
benefit from knowing the exact street address) or when the participant was on a trip in other places
then their home city. If the participants did not want the requestor to know their location, they
15
simply chose not to disclose any location at all. The study further showed that activity and mood
also influenced the participants’ decision whether to disclose information or not. When people
stated they where angry, they only disclosed their location 57% of the time. Surprisingly maybe,
participants disclosed location most often when depressed (82%). The activity that got the highest
request rate was doing household chores (96%), and the two with lowest rate was studying (63%)
and talking to a colleague in person (65%). Finally some people where interviewed about which
situations they rejected a location request. The situations mentioned was request from their boss
after work hours, inappropriate request from friends (when socialising with others), when out on
dates with significant others, when doing errands (they did not want to picks stuff up for others)
and when they were trying to hide actions they should not be doing (or hide that they where not
doing what they was expected to be doing) from their significant others (Consolvo, Smith et al.
2005).
Another survey is based on the actual use 350 users of Flickr with a mobile phone application
called ZoneTag that supports camera phone photo sharing and organization via Flickr. Pictures can
be uploaded directly from the phone to Flickr, with different privacy settings. Flickr have five
privacy levels; private, family-only, friends-only, friends-and-family and public. The application
automatically connects the picture to the user’s actual location using mobile position techniques.
Following this, a picture uploaded with ZoneTag will be tagged when viewed on Flickr. The users
have the possibility to manually suppress the location data of a picture. The findings in this survey
further confirm that the identity of the users that requests location information is of most
importance when deciding privacy settings. Only 2% of the pictures uploaded had the location
suppressed. Users decided to upload more private pictures in a more private category, rather that
suppressing the location where the picture is taken and make it public. Further the authors
discussed several dimensions of concern of the users, retrieved from interviews. First, the object
dimension indicates that users are more careful when it comes to pictures which include other
people than with pictures of only themselves. Several interesting points were raised from the
interviews. Some security concerns were expressed, especially by mothers that described it as “a
roadmap for sexual predators”. Concerns dealing with the identity of self and others were also an
issue, for example one user did not want to be seen on a gay parade and some users where worried
about HR departments searching for their name. Social disclosure was also an issue in both negative
and positive ways. One user published a photo so his friends would know where he was, but on the
other side some were worried that someone that was not invited would see the picture and get hurt.
When it comes to location privacy, the participants expressed little to no concern with the fact that
the application collects and exposes location data. One user said that he would not publish photos
online if he was trying to hide his location from someone. Two users expressed concerns about
advertisers using their location information combined with the content of their photos (Ahern,
Eckles et al. 2007).
All studies presented so far agree that privacy, especially location-privacy, is of great importance
in ubiquitous computing and that users of location-based services are in great danger of loosing
their privacy feeling. Later field studies of the usage of implemented systems (and some surveys)
however, indicate that this privacy concern might not be as big in reality as it is in theory. It all boils
down to a tradeoff between the usefulness of the service and the users’ privacy concerns while
sharing their location. Barkuus and Dey (2003) concludes from their results (that shows that 11 of 16
users are not concerned) that people are not overly concerned about their privacy when using
location-based services. They also found that users are more concerned about location-tracking
service than location-aware services, and since they find both types of services equally useful, they
suggest that location-aware systems should be emphasized (Barkhuus and Dey 2003). These results
are from a diary study of fictional systems, and only presents what users imagine can be a problem.
Junglas and Watson (2008) on the other hand, argue that location-tracking systems should be the
focus of development, since they offer a greater usefulness to the users. The results from their study
also show that users had a mixed feeling of enthusiasm and concern towards such systems (Junglas
16
and Watson 2008). Another field study (Barkhuus 2004) performed in a closed environment (The
University of California, San Diego) with the system Active Campus also suggest that the ‘coolness’
and usefulness of a system, could undermine the users’ focus on privacy issues. This is however no
reason for not to implement privacy mechanisms to future systems, as users must know who can
and who cannot see their location to be able to accept the system. To be able to turn a system off is
important, and a system would be easier to accept if it is in a closed setting, either physical or closed
user groups (Barkhuus 2004). The users of Connecto (Barkhuus, Brown et al. 2008) had several
privacy mechanisms implemented. For instance it had a possibility to manually set your location,
independent on where your actual location was. This function could be used to achieve plausible
deniability by lying on your location, but it was not used this way. It was used to give the friends a
better understanding about their actual location instead of lying about it. For example if a user was
in another town, the area was too big to register to a location, so she only wrote the city’s name
manually. The system was not possible to turn off, but since the users had to write in the location
themselves, they had the possibility to be in unknown areas if they wanted to. They could also blur
out their location name, for example just write ‘restaurant’ instead of a particular restaurant’s name.
None of the users expressed any concerns about privacy in interviews after the project was finished,
not even when they were explicitly asked about it. The authors think that the usefulness of the
system, the practical use and the awareness of the system outweighed these privacy issues
(Barkhuus, Brown et al. 2008).
3.5
Wireless Trondheim
Wireless Trondheim is a project that covers the downtown of Trondheim with wireless Internet
connection available for anyone to use. Students and employees of NTNU, employees in the
municipality of Trondheim and pupils of the high schools of Trondheim, have free access to the
network. Everyone else must buy a cheap ticket, which gives them access to the network for twelve
hours. Figure 3.1 shows the areas in Trondheim which is covered by wireless network. As the figure
shows, the entire downtown of Trondheim is covered by the network. Some areas however are
shielded from the signal, especially indoors it is difficult to connect to the network. The markers in
the map in Figure 3.1 are indoor locations (cafés and shopping centres) that have Wireless
Trondheim hotspots.
The transmission technology used is Wi-Fi hotspots, backed with fibre-cables. This gives a signal
reach of about 60 metres from each hotspot. In the near future the plan is to integrate WiMAX
technology in Wireless Trondheim, which will offer a signal reach of about 10 kilometres from each
transmitter (Andresen, Krogstie et al. 2007).
17
Figure 3.1: Coverage of Wireless Trondheim
3.5.1 Geographical Position Service
Geographical Position Service (GeoPos) is a position service for Wireless Trondheim. GeoPos has a
web service interface that offers connections to the Cisco Location Appliance. Input to the GeoPos
service is the MAC-address of the device which you want to retrieve the location of, together with
some certification-data. From this follows that you can locate any device, both your own and any
other. The response from the service is the user’s location in XML format, together with some other
parameters. An example of the response from the server is presented in Figure 3.2. The <X> and
<Y> elements is the position of the device in Wireless Trondheim. The <Longitude> and <Latitude>
elements is position of the device in Universal Transverse Mercator (UTM) coordinate system, and
the <geoLongitude> and <geoLatitude> elements is the position in the longitude/latitude
coordinate system. Google Maps uses the latter coordinate system, and the coordinates can
therefore be used directly in Google Maps. The <changedOn> element is the time the user’s location
last changed, in milliseconds from January 1st 1970. If the device is located outside the area of
Wireless Trondheim an <ErrorList> element is filled with a specific error response.
18
<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
<GposResponse>
<ResponseHeader sessionID="NOT-SET"/>
<ResponseBody requestID="reqIdNotImplemented" version="1.0" locationType="CURRENT">
<XYPosition>
<X>1666.92</X>
<Y>300.06</Y>
<Longitude>569620.0</Longitude>
<Latitude>7033449.0</Latitude>
<geoLongitude>10.394750213485754</geoLongitude>
<geoLatitude>63.42273795639271</geoLatitude>
<changedOn>1208936530977</changedOn>
<FloorId>12</FloorId>
<Elem>Sone14</Elem>
<Elem>Sone14</Elem>
<Elem>Midtbyen_Group</Elem>
<Elem>Midtbyen</Elem>
</XYPosition>
</ResponseBody>
</GposResponse>
Figure 3.2: Response from GeoPos
3.6
Existing systems
This section will present systems that offer similar functionality as The FriendRadar. First,
FindMyFriends will be presented followed by the Norwegian system mBuddy and Navizon.
3.6.1 FindMyFriends
FindMyFriends is a project developed by Accenture for UKA-07 that allows people to locate each
other at Samfundet. “Studentersamfundet i Trondhjem”, or just Samfundet for short, is a student
society in Trondheim that is student driven. Samfundet arranges concerts and other social activities
for the students, with the student festival UKA as the biggest happening every second year.
Samfundet has 1200 volunteers and over 8000 members. The name Samfundet is also used for the
building where the society is located. It is a very big red and round house, which was built in 1929.
It is a known problem among students in Trondheim that it is difficult to find each other inside
Samfundet. Accenture was one of the main sponsors of UKA-07, and had the idea of promoting the
technology behind FindMyFriends during UKA-07 by making it easier for the participants on a
party to find each other. The system was particularly aimed towards the workers of UKA-07, to
make it easier for the workers to keep track of each other.
Users of the system registered a user profile on the website7. After a user had registered her
profile she could start connecting with the other users, much like the concept behind Facebook and
other social network services. Just before UKA-07 started, the users received their tag used for
positioning. The tag had to be registered by the user, to connect the user to the tag. There were
placed user terminals at Samfundet, which allowed the users to log into the system. When a user
moved around Samfundet wearing the tag, the user’s friends could log on the website or one of the
terminals to check out the user’s position. A user can only locate the users that have accepted to be
friends with her. The system generates statistics based on the user profiles, which allows the users
to see which rooms that have most girls, the average age of the users in a room, where you should
be if you want to meet most single boys and similar statistics. Users could also send avatars to each
other, that is a little icon that represents a meaning.
7
http://findmyfriends.no
19
The website offered the users to register as a member of FindMyFriends and make a user profile.
After registering the users could search for other users that they wanted to be friends with, and ask
them to become friends
To log in on a terminal at Samfundet, the users have to carry her tag and ‘show’ it to the
terminal. Then a welcome screen appears where a pin code must be entered. This means that a user
have to carry the tag to be able to locate someone through a terminal. Users can log in on the
website from wherever they want without using the tag. On the terminals the users can locate their
friends on the map and check the statistics. To become friends or to send avatars to other users, one
has to be logged in on the website.
The users are able to locate their friends on the map shown in Figure 3.3. This screenshot is taken
from one of the terminals, but the map is similar on the website. The user logged in on this figure
has two friends currently on Samfundet, both in Bodegaen. One of her friends is shown as a pacman
avatar (the yellow one) and the other one are shown as normal.
Figure 3.3: The map from a terminal (Picture: Accenture)
The technology used for positioning of tags inside Samfundet is Ultrasound indoor positioning
system (IPS). Ultrasound makes it possible to locate users precisely by room using wireless detectors
and tags as the one shown in Figure 3.4. Each tag has its own unique identification sound, which is
transmitted periodically or by moving. This sound is detected by one of the 63 detectors
(“microphones”) spread around in the rooms of Samfundet.
The advantages of this technique are that the sound does not penetrate solid walls, which makes
location per room easy, ultrasound waves are mechanical and therefore immune to interference and
it is difficult to eavesdrop the communication link.
Figure 3.4: The tag used for positioning
3.6.2 mBuddy
The Norwegian mobile company NetCom released a service called Buddy in 2001, where users could
send an SMS to a server and receive the position of the requested friend on SMS with information as
for example “Gjøvik Sentrum, 42 kilometres away, direction north” (ITavisen 2001). Today,
CellVision has a service called mBuddy that is a continuance from NetCom’s Buddy. It has about
20
20,000 users in Norway. It uses GSM positioning to locate users anywhere in Norway, which give a
position-accuracy of a couple of hundred metres in urban areas and a couple of kilometres in rural
areas. A user can only locate her own buddies; someone who previously have accepted being a
buddy of that user. Members of the service are charged 29 Norwegian kroner each month. Users can
localise buddies either by a SMS, on the website or on WAP. SMS positioning and positioning
through the website cost 2 kroner and WAP positioning is free. The WAP positioning graphical
interface is shown in Figure 3.5. About 10% of the times a user is localised a notification SMS is sent
out to avoid misuse of the service. Users can choose to ‘hide’ whenever they want by sending an
SMS to the service (mBuddy 2007).
mBuddy got criticised by the manager of The Women Shelter in Norway in an article at NRK
where she warns about the use of such systems. She says that The Women Shelter has experienced
that controlling men uses mBuddy to keep their partner under surveillance. She further asks The
Data Inspectorate in Norway to stop the system, to avoid such surveillance. The Data Inspectorate
answers in the article that it is important that these kinds of services are closed until the users
manually open them by for example accepting buddies (NRK 2007).
Figure 3.5: WAP interface of mBuddy (mBuddy 2007)
3.6.3 Navizon
Navizon is an application for mobile devices and laptop computers. It will display the users’ location
on a map and find restaurants, sights and other things around. These things are user edited so any
user can add Geotags, which are physical places connected to the map. Geotags are notes with a
name, location, description and tags for searching. Users can later find these Geotags by searching.
For instance if a user is interested in the closest pizza restaurant, she can search for ‘Pizza’ in the
program and the application shows a list of pizzerias nearby as shown in Figure 3.6. Users can also
just check any tags that are close (Navizon 2007).
21
Figure 3.6: Navizon pizza search (Navizon 2007).
This functionality is complemented with the possibility to start or join groups of users. Groups
can be started by anyone, and can be public or closed. Within in these groups it is possible to locate
other users; a functionality called Buddy Tracker. A user can locate all the users that are member of
any of the groups she belongs to. The user keeps a list of the users possible to locate, and one can
choose to locate any of those users. The users must manually make their location available to the
other by checking a menu choice called ‘Send location’. If this is checked the location is shared with
other user, unchecked the location is private. The left part of Figure 3.7 shows how users can choose
to locate any of the users that belong to the same groups as themselves. The right part of the figure
shows the users on the map. Users can also choose functionality to log their own position for later
retrieval (Navizon 2007).
Figure 3.7: Navizon Buddy Finder (Navizon 2007).
22
Navizon use GPS to locate its users, but they also be located using a device without GPS. This is
done using something Navizon calls VirtualGps. When users with a GPS device uses Navizon, they
are at the same time located using WiFi hotspots and GSM triangulation. These two locations are
synchronised and stored and by this way GPS user build the Virtual GPS environment while they
walk around (Navizon 2007). In other word, if nobody with a GPS device and Navizon active has
visited a location, a user cannot be located at that position with VirtualGPS.
Navizon costs USD 24.99 to download and are available in every country. Navizon Lite is free, but
this version only uses GSM triangulation for positioning (Navizon 2007). No data was found about
the number of downloads of Navizon.
23
24
4
Preliminary study
This chapter will summarise the preliminary study performed on the system FindMyFriends,
presented in Section 3.6.1, during the autumn 2007. The preliminary study had the exact same
research questions that this master’s thesis, and was performed and written by the same student as
this thesis. First, the research methods used and the results found in the preliminary study will be
presented. Further, the conclusions are presented and finally further work from the preliminary
study will be presented.
4.1
Research and results
To be able to study the behaviour of the users of FindMyFriends the systems stored data was
analysed, an online questionnaire was sent to the users and some users were interviewed.
FindMyFriends had 2769 registered users, but only 1661 registered tags. Only those with a
registered tag are actual users. 62% of the actual users were males and about 34% of the users were
workers at UKA-07. The average number of friends for all registered users was 12.55.
An e-mail was sent to all the 2769 registered users, where they were asked to answer an online
questionnaire. 207 users answered the questionnaire, which accounts for 7.5% of the registered
users. The questionnaire had relatively few questions (20) and took only a couple of minutes to
complete. The questionnaire was designed with the research questions as a basis, and designed with
consideration to the disadvantages of this type of survey. The gender and worker/non-worker
distribution of the respondents of the questionnaire indicated that the participants from the
questionnaire are a representative selection of the actual user mass.
The results of the questionnaire shows that users said that they used their tag ‘always’ or ‘most
of the time’, while they was at Samfundet, and that users with many friends used their tag more
often than the users with few friends. Further, the results shows that about 75% of the users checked
their friends’ location at a terminal at least once and almost 80% did the same using a computer
located outside Samfundet. 55% of the participants said that they would use a similar system as
FindMyFriends made for positioning users in the entire city, which are analogous to The
FriendRadar developed in this master’s thesis. The participants were also asked to substantiate why
or why not they was interesting in using such a system. The by far most common answer (56
answers) in the ‘No’ category was that they felt it would be like surveillance and that they would
not like that everyone could be able to see their location. Other common answers was that they did
not see the need of such a system (12 answers) and that they might would have used it if the system
could be turned off (8 answers). Most of the users that was positive to a city environment system,
substantiated this with they thought it would be funny or exciting to use such a system (25
answers), that they only would use it if the system or its location functionality could be turned off
(22 answers) and that they thought this system would make it easier to find their friends (20
answers).
The results also showed that over 50% of the users tried to find their friends at least once after
locating them on a terminal and that about 10% of the users went to Samfundet as a consequence of
seeing some of their friends at Samfundet from a computer located outside Samfundet. Seven
participants, or 3.38 %, postponed a trip to Samfundet as a consequence of checking the map on the
website where they found few of no friends. Seven people also cancelled a trip to Samfundet after
doing the same. Only two users thought that the tag made them act in a different way than
normally because of wearing the tag, and only three users felt that the tag disturbed their personal
privacy. Five users left their tag at home on purpose, because they did not want their friends to see
that they were at Samfundet or where at Samfundet they were located. A total of eight people
obstructed the tag on purpose because they did not want to be located at least once. On of these did
it more that five times. Further, the results indicates that there are a connection between the privacy
feeling and leaving the tag at home, but that the same connection did not exist between privacy
25
feeling at obstructing the tag. Finally, 10% of the users said that they would probably have lied
about their location if possible, but most of these users said that they would only do it because it
would have been fun. Many users were sceptical to such functionality, manly because they did not
see the purpose of it. Twelve users stated that this would ruin the whole point of the system,
because the location credibility would be lost.
To add more depth to the questionnaire, interviews were chosen. An e-mail asking if the user
wanted to participate in an interview was sent to the 15 users of FindMyFriends who sent most
avatars, which is a type of message, during UKA. Two of the users who were asked, answered
positive to that request, one of each gender and both was workers during UKA. Each interview
lasted for about half an hour, and followed a semi-structured form which means that a template
was followed but the order of the questions could be rearranged depending of how the
conversation developed. The interview template was designed such as the question answered the
research questions and complemented the results from the questionnaire.
The male participant, called ‘John’, was 23 years old and had about 45 friends in FindMyFriends.
He visited Samfundet about 20 times during UKA, but wore the tag only about three times. The
main reason for this was because he forgot it and because he felt it was big and clumsy. The female
participant, called ‘Jane’, was 21 years old and had 64 friends in FindMyFriends. She visited
Samfundet about 15 times during UKA, but only wore the tag at the night, not at daytime. Both
interviewees would use FindMyFriends if it was possible next time UKA is arranged and both
would use it if it was a permanent system. Jane however, said that she would not always wear the
tag, because of its inconvenient size. Both interviewees used the terminals to check their friends’
location, John four times and Jane about ten times, but only Jane used them to physically find some
of her friends. None of the interviewees felt that they had behaved in any different way because of
the location functionality the system offered. John was not interested in a similar system used in a
city environment, but Jane admitted that she probably would have used it if her friends started
using it. John would use it if all privacy issues were dealt with, but would have had very few
friends. Jane also said that she would be a lot more careful about whom she would accept as her
friends. When the interviewees were confronted to some of the privacy mechanism mentioned
above they were negative to most of them in FindMyFriends, but positive to most of them in a cityscale system as shown in Table 4.1 and Table 4.2.
Table 4.1: Interviewees’ attitude towards privacy mechanisms in FindMyFriends
Mechanism Plausible
deniability
User
John
Jane
Probably
No
Turn
positioning
off
Maybe
No, but if I
had a stalker
Notice when
located by
others
No
Maybe
More coarsegrained
positioning
No
No
Group friends, and
have different privacy
settings for each group
Probably
Probably
Table 4.2: Interviewees’ attitude towards privacy mechanisms in city-scale system
Mechanism Plausible
deniability
User
John
Jane
Definitely
Yes
Turn
positioning
off
Definitely
Sometimes
Notice when
located by
others
Yes, as a log
Maybe, but it
makes people
too aware of
the system
26
More coarsegrained
positioning
Definitely
Yes
Group friends, and
have different privacy
settings for each group
Definitely
Yes
4.2
Conclusions from the FindMyFriends research
The results from the research presented in the preliminary study suggest that people in fact do want
to use a system like The FriendRadar, and that it mainly will be used as a party tool for locating
friends when out partying. However, the results shows that the users’ privacy concerns are greater
in a city scale system, than in FindMyFriends, and that sufficient privacy management are essential
to get people to use the system.
The results further showed that users did act in ways they would not have done if they could not
locate their friends. Users tried to find their friends after locating them on Samfundet, users both
delayed and cancelled their trip to Samfundet because they saw that few or none of their friends
were at Samfundet and users went to Samfundet as a consequence of that they saw some on their
friends on Samfundet through the website. On the other hand, the results indicate that users of
FindMyFriends did not act in a different way because they knew they could be located by others. It
seems that the system did not hinder people in doing things they did not want other people to
know, the users just hindered the system to show they were doing it.
Further, the results indicate that privacy was not a big problem in FindMyFriends. The users
seemed to be aware of the possibility to block the tag’s signals, so they could not be localised. The
users did disturb the system in ways that allowed them not to be localised instead of letting the
system disturb their own personal privacy. The users indicated however that privacy could be a
bigger problem in a city scale system than a system used at Samfundet.
The results from the questionnaire and the interviews show that users are aware of privacy
mechanisms and are willing to use them. In fact, many users state it as an explicit requirement that
some privacy mechanism are included if they should use the system. Especially the possibility of
turning the system on and off is required. It also shows that some users used privacy mechanism
even though they were not implemented in FindMyFriends, for instance by physically blocking the
signals. This clearly indicates that there are needs of those mechanisms.
4.3
Further work suggested in the FindMyFriends research
The further work presented several suggestions of how a city scale system should be implemented.
It was proposed that the system should offer the users functionality that give the users sufficient
feedback over what they are conveying and control over their privacy settings. The most important
mechanisms to be implemented are functionality to turn the system on and off, preferably in a way
that offers the users plausible deniability. Other functionality that should be implemented is
grouping of friends with different position accuracy and reciprocity in the form of that users only
can locate others when they themselves can be located. Further privacy mechanisms must be
considered in the implementation of the prototype, for instance notification to the users when they
are being localised by others could be a useful functionality. Further, it was proposed that the
prototype must be tested by possible future users in Wireless Trondheim. An observation study
would probably be an appropriate testing method, together with interviews of the prototype users.
27
28
5
Design and implementation
This chapter describes the design and implementation of the prototype system developed in this
master’s thesis. The system is called The FriendRadar (‘Venneradaren’ in Norwegian). First the
overall functional requirements of the system will be presented followed by the systems
architecture and implementation. Finally, the privacy mechanisms implemented (and not
implemented) will be described.
5.1
Overall functional requirements
This section will present the most important functional requirements for a social network service
with location functionality in Wireless Trondheim. Basic requirements are requirements that make
it a social network service, location requirements makes it a location based social network service
and privacy mechanisms explains what level of privacy mechanisms that should be implemented to
the service.
5.1.1 Basic requirements
FR1: The system should be developed as a website.
FR2: The system should allow user to register a user profile, with various information about
the user.
FR3: The users should be able to connect with other users, to form a friendship.
FR4: The users should be able to send each other messages.
FR5: A message must be marked with a message type before it can be sent.
5.1.2 Location requirements
FR6:
FR7:
FR8:
FR9:
Each user profile must have at least one mobile device connected to it.
The system should be able to find a user’s location in Trondheim, when the user’s
registered mobile device is connected to Wireless Trondheim.
Each time a user is located in Wireless Trondheim, the location should be saved in a
database.
A user should be able to see the location of the user’s friends that are currently located in
Wireless Trondheim.
5.1.3 Privacy mechanisms
FR10: When connecting to a friend, a user must be able to choose between three privacy levels;
map, nearby and blocked.
FR10-1: The map privacy level allows the friend to locate the user on a map.
FR10-2: The nearby privacy level allows the friend to know if the user is nearby her own
location (Within 200 metres).
FR10-3: The blocked privacy level does not allow friend to see the user’s location at all.
FR11: If each part of a friendship has chosen a different privacy level, the strictest privacy level
applies for both parts. That is, if one user choose map as the privacy level and the other
one choose nearby as the privacy level, both parts of this friendship can only see if the
other one is nearby.
FR12: A user can only see the location of her friends, when she herself can be localised by the
system.
29
5.2
Architecture and implementation
This section presents the architecture of The FriendRadar. Figure 5.1 shows how The FriendRadar
application is connected to GeoPos and to the database. GeoPos is as mentioned in Section 3.5.1, a
service which takes a device’s MAC-address as input and gives the device’s location in Wireless
Trondheim as an answer in XML format which need to be parsed by the application. The database
makes a persistent storage for the users’ location after it has been parsed. This makes it simple for
any user to retrieve any other user’s location, without calling GeoPos. The database also holds the
information found in user profiles, friend connections and messages. Section 5.2.1 will describe the
database design in detail. The FriendRadar component consists of business logic (controller), data
model and a view that is a normal website accessible form any web-browser. This component is
implemented in Java and JSP and will be further described in Section 5.2.2 and Section 5.2.3.
Figure 5.1: Overall structure of The FriendRadar
5.2.1 The database
This section describes the design and implementation of the database. The database is designed in
such a way that sensitive data are protected when data will be analysed for research purposes.
Figure 5.2 show the database model for the system, and Table 5.1 show the system’s database
schema. ‘Usertable’ contains all the relevant possible information a user can change in their profile.
Nickname and pass (password) are mandatory attributes needed to log in to the system. The other
attributes are information that can be added to make a profile more interesting for the other users.
‘Avatar’ inherits from ‘usertable’ and contains the gender and the date of birth of the user. This
inheritance is done because gender and date of birth are attributes that are interesting when
analysing data, but none of the attributes in ‘usertable’ are. This is also the reason why
‘message_content’ and ‘message’ are divided into two different tables. The information stored in
‘message_content’ is the actual message text together with its header. These values are of great
interest for a user that sends or receives a message, but of no interest for the researcher analysing
the data. But it is still valuable for the researcher to have some idea of what the content of a message
is. Thus, ‘message’ has an attribute where a message type, which is selected by the sender, is stored.
This makes it unnecessary for the researcher to actually read each message to know what they
contain. This will also help keeping the messages private to only the sender and the receiver. The
different message types are described in detail in Section 2.3.1. Each ‘message’ has one sender and
one receiver. The attribute rd is a Boolean field that states if the message is read or not. The
‘message’ table has a connection to itself. This connection is represented by the answer_to attribute,
that contains the id of the message that the current message is an answer to. The ‘position’ table
30
contains the longitude and latitude of every positioning done by the system connected with an
avatar. The ‘device’ table keeps information about all the devices registered in the system. Each
avatar typically has one device, but it is possible to register multiple devices to each avatar. The
‘avatar’ table has a many-to-many connection to itself. This connection represents a friendship
connection between the users. A friendship must be two-ways to be an actual friendship. This
means that for user 1 and user 2 to be friends, two tuples in the table are necessary; one where user
1 is the owner and user 2 is the friend, and one where user 2 is the owner and user 1 is the friend.
The status (privacy setting) with the lowest granularity is the current privacy setting of the
friendship.
The database is implemented using the MySQL server available for all students at NTNU.
Figure 5.2: Database model for The FriendRadar
Table 5.1: Database schema for The FriendRadar
usertable (id, nickname, forename, surname, pass, pic_url, email, relationship_status, personal message)
avatar (id, gender, dateofbirth)
device (id, mac_address, status, type, user)
friend (owner, friend, status, date)
position (id, latitude, longitude, location_time, user)
message (id, date, type, sender, receiver, rd, answer_to)
message_content (id, header, body, message)
5.2.2 The FriendRadar component
The architecture of this component follows the common model-view-controller design pattern
(MVC) as shown in Figure 5.3. The principle of this pattern is to separate the domain model and the
business logic from the user interface that presents model. The manipulation of the model is
31
controlled by the controller, based on actions by the users performed on the view. MVC is very
commonly used when developing web applications.
The model and the controller are developed in plain Java, and the view is implemented using
JSP, HTML and CSS. The application is build using Maven2, and deployed on an Apache Tomcat
5.5 web server installed on a Windows Server 2003 machine placed on NTNU Gløshaugen campus.
Figure 5.3: The architecture of The FriendRadar component
The domain model classes are JavaBeans consisting of various variables and getters and setters of
these variables. The DbConnector class connects to the MySQL database using JDBC. This class
does all the communication to the database, both instantiating domain objects from the stored data
32
and manipulating the database with the changes done to the objects by the application. The
GeoPosUtil class does all the communication with the GeoPos server. This class delivers the raw
XML data to PositionParser, which collects the relevant data and places it in Position objects. The
ProgramController controls the execution of the application. One controller exists per session. All of
the JSP pages interaction with the rest of the application goes through the ProgramController. The
controller is instantiated when the user tries to log in to the system through the webpage. If the
username or password is wrong, the ProgramController delivers an exception back to the view.
When the login is successful, as shown in Figure 5.4, the ProgramController instance uses the
DbConnector to retrieve the relevant User from the database. Further, the ProgramController uses
the getOwnPositionStartThread method in the Locator to get the position of the user. This method
first asks PositionParser for the user’s location, which again asks GeoPosUtil for the location.
GeoPosUtil delivers a XML answer to PositionParser, which is parsed to form a Position object. This
object is stored in the database through DbConnector, before it is sent back to the Locator instance.
The Locator then starts a thread in the Locator class which keeps going until a newer thread with
the same user is started. If the user’s location keeps changing, the thread will locate the user every
30 seconds. If the location is the same as the last time the user was located, the thread will locate the
user every two and a half minute. If the user has no location (not connected to Wireless Trondheim),
the thread will check for the user’s location every hour. Every time a user is located by the system,
the location is stored in the database. After the Locator instance has started the thread, it passes the
Position object back to the ProgramController. Then the controller sets the Users location, and the
user that started the interaction is now logged in and ready to use the system.
The login sequence presented above and in Figure 5.4, is just an example of how the
ProgramController controls how the user interactions will affect the rest of the system. Every
interaction from the webpage to the data objects passes through the ProgramController, and vice
versa. Some controlling tasks are however done in the JSP pages. This was done both because it was
more convenient at the time of development, and because some of the task was better suited to be
performed in the JSP pages.
Figure 5.4: Successful login
33
5.2.3 Implementation of the JSP pages
As mentioned above, the view was implemented using JSP8 (with JSTL9) HTML and CSS, and to
some extend JavaScript. This section will show screenshots of the website and explain the
functionality they offer.
Figure 5.5: Log in screen of The FriendRadar
The first screenshot, Figure 5.5, shows the log in screen of the application. It is accessed using
any web browser with http://vr.idi.ntnu.no/vr as the URL. A user must be registered to log in to
the system.
Figure 5.6: The map on The FriendRadar
Figure 5.6 shows the Map page in the website. The map used is taken form the Google Maps API,
which is chosen because it is relatively easy to implement in a custom website. The red pin on the
map is the logged in user’s location. The green pins with a number on are plotted on the location of
the user’s friends, or more exactly; the location of the friends’ devices. The number corresponds to
the number shown on the pin behind the friends’ names in the friend-list in left-menu. A friend
either has a red, yellow or green background. The red background means that the friend is not
possible to locate, that is; the user’s device is not connected to the Wireless Trondheim network. If a
8
9
http://java.sun.com/products/jsp/
JavaServer Pages Standard Tag Library
34
friend has a green background it means that the friend’s device is connected to Wireless Trondheim,
and that its location is nearby the location of the logged in user’s device. Nearby is within an area of
approximately 200 metres. Friends with yellow background are connected to Wireless Trondheim,
but are positioned on a location that is not within the nearby boundary. In this particular example,
Eva is the only friend close enough to be marked as nearby. Lena is not shown on the map as a
consequence of that either she or the logged in user (or both) has chosen the ‘nearby’ privacy setting
in their friendship. If Lena had been nearby, she would have had a green background as any other
user. The other three friends that are currently connected to Wireless Trondheim are shown with a
pin on the map, because both parts in the friendship have chosen ‘map’ as the friendship’s privacy
setting. If a logged in user not are possible to locate in Wireless Trondheim, the user will see all her
friends with red background, and the map will not be shown.
Figure 5.6 also gives an impression of how the user interface of the system is designed. The lefttop- and right-menu is the same in every display when a user is logged in. The top-menu works as a
normal menu, which allows users to navigate through the different pages. The right-menu shows
the number of new messages and friend requests the user has received. The friend requests and
messages can be clicked and the user is taken to the friend acceptance display or to the message
inbox respectively. The left-menu works as a friend-list and shows every user that is friend of the
logged in user as mentioned above. If a friend’s name is clicked, the user is taken to the friend’s
profile page, as displayed in Figure 5.7 where Eva’s name is clicked.
Figure 5.7: Eva's profile page
35
The profile page in Figure 5.7 shows Eva’s nickname, her picture, a personal message, her full
name and information about her birth date, gender and her relationship status just as any other
social network service would have done. The profile page in The FriendRadar however, also shows
a map where Eva’s location is plotted together with the logged in user’s location. This is beneficial if
a user is only interested in a single friend’s location. Notice that the friend-list to the left is still
visible, but without the numbered pins behind which are only visible when the map page is shown.
If the privacy setting in a friendship not allows the user to see the friend on the map, no map is
shown at all. This also applies if the friend is not possible to locate or if the logged in user’s device is
not connected to Wireless Trondheim.
5.3
Privacy mechanisms in The FriendRadar
This section describes which of the privacy mechanisms mentioned in the preliminary study’s
further work that has been implemented to the system and which that has not.
5.3.1 Plausible deniability
It was concluded in the preliminary study that the mechanism that seemed most important is the
possibility to turn the positioning functionality on and off, preferably in a way that offers plausible
deniability. The FriendRadar has this functionality. A user has to manually connect her registered
device to the Wireless Trondheim network to be localised by the system. This also offers plausible
deniability; a user can say that they forgot to connect to the network or that she were in no need of
the network at the current time. Another aspect that strengthens the plausible deniability part is
that the Wireless Trondheim network has some weak spots. Some restaurants, cafés and shopping
centres in the city have Wireless Trondheim coverage, but most of them do not. Thus, a user can say
that she was inside a café or a store without coverage if someone wonders why she could not be
localised. A third aspect that strengthen the possibility of plausible deniability is that the area a user
can be localised are limited to a restricted area, namely the downtown of Trondheim. A user can
simply say that she was outside the coverage area.
5.3.2 Friend based privacy settings
When users connect to friends in the system, they are asked what privacy setting they would prefer
towards this particular friend. A user can choose between ‘map’ and ‘nearby’. If a user not wants
the friend to be able to see her on the map, she can use the setting ‘nearby’. It is also possible to
block friends. A user that has blocked a friend will appear disconnected to this friend at all times.
5.3.3 Proximity
If a user chooses the ‘nearby’ privacy setting, both parts of the friendship are only able to know if
the other user is nearby or not. This is described as proximity, and can make it easier to accept more
friends than they would have done without this privacy mechanism. This is, as mentioned above,
implemented in the system as a privacy setting choice.
5.3.4 Positioning reciprocity
In The FriendRadar users can only locate their friends when they themselves can be located. If a
user is not connected to Wireless Trondheim, and therefore impossible to locate using the system,
then she cannot locate any of her friends. This also applies in the privacy settings in a friendship. If
a user refuses a friend to be able to locate her on the map, the user cannot locate this friend on the
map either.
36
5.3.5 Minimal configuration and standard settings
A problem described in existing literature on social systems, is the users resistance to complex
privacy settings. In this system the users are only asked for privacy settings when connecting to
friends, and there it is only one choice a user has to take; whether or not to be shown on the map.
This privacy setting has no standard setting, because the user has to choose it before being able to
connect to the friend. Therefore the user is forced to take a stand to this question.
5.3.6 Grouping of friends
Another mechanism mentioned in the preliminary study, is the possibility to group friends and
have different privacy setting for each group. This is not implemented in The FriendRadar. The
main reason for this is that the test user group probably would have been placed in the same group,
since all the participants are classmates. Another reason is that the users are offered a privacy
setting towards each friend rather then toward a group of friends. When there exists only one
privacy setting, it is not of much effort to configure this setting towards each friend, rather that
towards a group. It would have been more preferable to use a grouping mechanism if the privacy
setting between friends had been more complex.
5.3.7 Feedback when localised
Another issue discussed both by other authors and in the preliminary study, is the importance of
being notified when localised by other users. This is not implemented in the prototype, but could be
a possible mechanism to be implemented in a commercial system. The main reason why it is not
implemented is that the users usually localise many of their friends at a time, and every user may
not be interesting. Therefore, a user can get an irrelevant notice about she is being localised. A
possible solution could be that a user gets notice if a friend opens her profile and from there can see
her location.
37
38
6
Results
This chapter will first present the results of the analysis of the logged data from The FriendRadar.
Further the results from the questionnaire will be presented. Finally, a summary of interview will be
presented.
6.1
Analysis of logged data
This section will present data of the actual usage of the system, extracted from the database and the
log of The FriendRadar. 23 pupils did receive an iPod and agreed to participate in the experiment.
Only 17 of the pupils did actually log into the system at least one time, and only these 17 pupils are
considered to be a part of the experiment. Thus, all the results presented in this section are collected
from the 17 actual users. Table 6.1 presents the 17 users’ usage of the system. Number of logins is the
total number of times a user has logged in to the website, both from the iPod’s and from any other
computer and independent on which network they were connected to. Number of times located is the
total number of times a user’s request to GeoPos returned an actual location in Wireless Trondheim.
As mentioned earlier, the positioning functionality uses a thread that asks GeoPos for a location in a
periodical interval. Number of times connected to Wireless Trondheim represents the approximated
number of times a user connected to Wireless Trondheim. This number is calculated clustering a
user’s consecutive locations responses in groups, and counting the total number of groups for each
user. From this, if a user connected to Wireless Trondheim after she received the iPod, and
continued to be connected through the whole test period, she would have an extremely high
number of times located, but would only be connected to Wireless Trondheim one time. The
number is approximate because it can take maximum one hour before a user is localised by the
system after connected to Wireless Trondheim. Therefore connections that last less than an hour
could be missed in this statistics. Friend requests out are the number of other users the user has
asked to be their friend, and friend requests in are the number of other users that has requested the
user to be a friend. Registered friends are friend requests (both ways) that are accepted by the other
part, and therefore the number of friends the user has in their friend list and the number of friends
they can localise. The user IDs presented in the table is not the real IDs from the database, and is
only used in this document.
Table 6.1: Statistics per user in The FriendRadar
User
1
2
3
4
5
6
7
8
9
10
11
12
13
Gender
female
female
male
female
male
female
female
female
male
male
female
male
male
Number Number
of
of times
logins
located
1
40
6
0
1
97
5
0
3
38
10
33
2
6
2
1
2
5
1
0
4
58
4
107
2
5
Number of
times
Friend
connected Friend
Msgs
to Wireless requests requests Registered Msgs
Trondheim out
in
friends
sent
rec.
2
9
11
8
0
0
0
9
10
9
0
0
6
7
13
7
0
0
0
14
10
9
0
0
3
11
12
11
3
2
4
14
11
10
4
4
2
3
8
2
0
0
1
0
8
0
0
0
2
14
14
13
0
0
0
13
13
11
1
0
6
13
13
11
4
3
5
15
15
14
0
1
3
7
10
6
1
3
39
14
15
16
17
male
female
male
female
3
2
1
3
11
46
211
2
1
6
6
1
13
8
0
16
13
4
1
0
11
3
0
0
0
0
0
0
0
0
0
0
6.1.1 User information
Figure 6.1 shows the gender distribution of the users in The FriendRadar. There were nine females
and eight males. All the users are pupils in the second grade of a class that are mixed from two
different schools located in downtown Trondheim. This means that the users are normally either 17
or 18 years old. These differences are not significant for the data, and are not included in the
statistics. Another reason for this is that not all the users have written a birth date.
Figure 6.1: Gender distribution of the users
6.1.2 The user’s usage of the system
Table 6.2: Statistics of logins, times located and connections to Wireless Trondheim
Mean
Median Mode
Standard Deviation
Variance
Min
Max
Sum
Number of logins
3.06
2
2
2.304
5.309
1
10
52
Number of times
located
Number of times
connected to
Wireless Trondheim
38.82
11
0
55.667
3098.779
0
211
660
2.82
2
6
2.270
5.154
0
6
48
The users logged in to the website a total of 52 times, which gives a mean of 3.06. The median was 2
times and the mode, with five users, was 2 times. 52.9 percent of the users logged in either one or
two times. One user however (user 6), logged in 10 times. The system did not log if the login was
from the iPod or not. Table 6.2 shows summary of the statistics of logins, times located and the
user’s connections to Wireless Trondheim. Figure 6.2 shows the distribution of the users based on
number of logins. The females logged into the system more frequently than the males, as Figure 6.3
40
strongly indicates. A female user logged in to the system in average 3.89 times and a male logged
into the system an average of 2.13 times, which is a quite significant difference. The male user that
logged in the most times logged in only four times, while there is four females that logged in four
times or more. The tendency is also clear at the other end of the scale; three boys logged in one time,
while only one girl did the same.
5
Frequency
4
3
5
29,41%
2
4
23,53%
3
17,65%
2
11,76%
1
1
5,88%
1
5,88%
1
5,88%
5
6
10
0
1
2
3
4
Number of logins
Figure 6.2: Number of logins to The FriendRadar
41
10
$
Numb er of logins
8
6
4
2
n=9
n=8
fe ma l e
m al e
Gender
Figure 6.3: Number of logins based on gender
Total number of times located indicates how long time the users has been connected to Wireless
Trondheim. There were a total of 660 successful positioning attempts through GeoPos (There was
13077 requests to GeoPos that did not return any location). Each user was located on average 38.82
times and the median was 11 times. It was however an enormous variance. Table 6.1 also shows
that some users never connected to the network, and some users were located many times, with 211
as the most. Since the locating requests are executed with an interval of either 30 seconds or two and
a half minute, the user which is located 211 times can be assumed to have been in connected to
Wireless Trondheim between 105.5 minutes (1 hour 45 minutes 30 seconds) and 527.5 minutes (8
hours 47 minutes 30 seconds). The number of times connected to Wireless Trondheim represents an
approximate number of times the users has successfully connected to Wireless Trondheim. The
users connected to Wireless Trondheim 48 times, which gives an average of 2.82 times per user. As
shown in Table 6.1, only three users did not connect to Wireless Trondheim at all.
Figure 6.4 show box plots of number of times located and connected to Wireless Trondheim
distributed by gender. The tendency is opposite compared to number of times the users logged in to
The FriendRadar; male users were more frequent users of Wireless Trondheim compared to the
females. Of the tree users that never connected to Wireless Trondheim, there were two females and
one male. The male user (user 10) with no connections only logged in to The FriendRadar once,
while the females that did not connect to Wireless Trondheim logged in to The Friend Radar as
much as six (user 2) and five times (user 4), which are second and third most times respectively.
42
Number of times connected to Wireless Trondhe im
Number of times located
2 00
1 50
1 00
50
0
n=9
n=8
fe ma l e
m al e
Gender
6
4
2
0
n=9
n=8
fe ma l e
m al e
Gender
Figure 6.4: Number of times located and times connected to WT based on gender
Even though some users have been connected to Wireless Trondheim a considerable number of
times and occasionally over quite long periods of time, it has only happened three times that two or
more users has been connected to Wireless Trondheim at the same time. One of the times there were
three users connected at the same time, the two other times there were two users connected at the
same time. In two of the three occasions the users that was connected simultaneously was friends,
which means that they theoretically should be able to see each other on the map. Table 6.3 show
information about these occasions, with the numbers of users that participated in an occasion, if
they was friends or not, if any message was sent between the users during this time, which users
that was involved, the length of the period they was connected at the same time and which date it
happened. The first occasion, that happened 25th of April, includes three users which all were
friends with each other. User 5 and 11 was located at the same spot during the whole occasion (at
the school). User 14 seemed to be moving away from the two others.
Table 6.3: Users that were connected to Wireless Trondheim at the same time
Num of users
3
2
2
Friends?
Yes
Yes
No
Message
No
No
No
Users ID’s
5, 11, 14
6, 15
8, 12
Connection
Probably (5, 11)
Probably
No
Duration
1 hour
30 minutes
1 minute
Date
25.apr
30.apr
03.may
In the second occasion (30th April) the two users was located in the same area. Figure 6.5 shows
their movements placed on a map during the time they were able to be located simultaneously.
Both of the users started at the same location (a famous recreation place called “Marinen”), but at
different times. User 15 started at one part of Marinen, and moved to another place before user 6
arrived. They was however both at Marinen in the same time. User 6 was first located at the spot
where user 15 started, but seven minutes after user 15 has been located at another place at Marinen.
User 6 kept on the same location the whole time (20 minutes), while user 15 moved around in the
area around the user (from 50 to 200 metres) which indicates that there probably is a connection
between the locations of the two users. The locations of user 6 around Trondheim Torg (which is
next to most of the users’ school) are not a part of the occasion, since they are made over an hour
after user 15 was disconnected from Wireless Trondheim, but are still interesting since this is the
place where user 6 could have seen user 15 for the last time. It is not possible to establish if their
43
movements are affected by the system or not. The third occasion shown in Table 6.3 did not involve
users that were friends with each other, and are not being further analysed.
Figure 6.5: The users’ movements when logged on simultaneously
6.1.3 Friends
Each user had an average of 7.35 friends in The FriendRadar. Three users had no friends, which
pulls the mean down. Male users had an average of 9.13 friends and a median of 11 and the females
had an average of 5.78 friends and a median of 8, even though the girls logged in to the system
more often. All friend connections had the privacy setting ‘map’, which means that there was no
users that either not allowed a friend to only be able to locate them approximate or blocked their
friends. Figure 6.6 shows that boys and girls sent about the same number of friend requests to other
users (or accepted others), but the boys had definitely received more friend requests. The middle
graph of Figure 6.6 shows one outlier in each gender. User 16 and 17 registered in the system late,
and it seems they did not have enough time to connect to friends. This also affects the rest of the
friend statistics. The rightmost graph in Figure 6.6 shows that the boys had more friends than the
girls, as mentioned earlier.
44
15
10
5
14
12
10
0
8
6
4
2
17
16
0
female
male
female
Actual friends
Friend req in
Friend req out
20
12,5
10
7,5
5
2,5
0
male
female
male
Figure 6.6: Friend requests and actual friends based on gender
6.1.4 Messages
It was sent a total number of 13 messages in the system, split over five senders and five receivers.
Nine of the messages were read, and six of them were answers to other messages. None of the
messages appears to be related with the registered locations of the users. Table 6.4 shows details
about all the messages sent in the system. Notice that all the messages was sent within the first
week of the test period, and 10 of 13 messages was sent during the first day.
Table 6.4: Messages sent in The FriendRadar
id
1
2
3
4
5
6
7
8
9
10
11
12
13
6.2
date
23.04.08 10:57
23.04.08 10:57
23.04.08 10:59
23.04.08 11:00
23.04.08 11:04
23.04.08 12:50
23.04.08 12:52
23.04.08 16:15
23.04.08 16:16
23.04.08 16:16
25.04.08 13:47
25.04.08 14:14
29.04.08 18:47
type
request
request
request
request
inform
Neg_answer
inform
Pos_answer
confirm
inform
request
request
Pos_answer
sender
5
13
5
5
10
11
11
6
6
6
11
11
6
receiver
11
6
13
6
12
5
6
5
11
13
6
13
11
rd (read)
1
1
0
1
1
1
1
1
1
0
1
0
0
answer_to
0
0
0
0
0
1
0
4
7
0
9
0
11
Questionnaire
This section presents the results from the questionnaire.
6.2.1 Participants
The information about the questionnaire was sent out to all the 28 pupils of the subject where the
test persons were collected from, both the pupils that participated in the testing and those who did
not. This lead to 16 responses, where 9 was from females and 7 was from males. 14 of the
participants answered that they received an iPod and participated in the testing of the system. This
question (14) was somewhat double-barrelled; it both asked if the users had received the iPod and if
they have participated in the testing of the system. As shown in the previous section, it was actually
six users that received the iPod, but never logged in to The FriendRadar. Figure 6.7 shows however,
that there were five users that never logged in to the system from the iPod and two that never
logged in from a regular computer, but only one that never logged in at all.
45
Figure 6.7: Times the participants has logged in to The FriendRadar.
All the participants own both a mobile phone and an mp3-player. 10 of the participants own a
laptop and one of the participants owns a PDA. Four participants said they have some other mobile
devices in addition to those mentioned here.
All 16 participants had a profile on Facebook, and Figure 6.8 shows the number of friends the
participants had on Facebook (left) and how often the participants log in on Facebook (right). The
figure shows that the participants are very active users on Facebook, since more than half of the
participants have 200 friends or more and only two of the participants log in more infrequently than
daily. There seems to be no connection however, between the number of friends and how often the
users log in since users with fewer friends logs in both frequent and infrequent (in this scale) and
the other way around. Four of the users state that Facebook is an important part of their life. Three
of these four has given a reason for it:
“Because there is always something that happens there”
“Share pictures with friends”
“Keep in touch with people and keep myself updated. I feel ‘social’ in a way.”
There were no large differences between the genders in the number of friends and in how many
times the users logged in to Facebook. There was a significant difference however between the
genders of the users that stated Facebook as an important part of their life. All four users that feel
that Facebook is an important part of their lives are females, which mean that four of nine girls feel
this (Almost 45 percent). All seven boys stated that it is not an important part of their lives. Most of
the users have given reason for why they have a profile on Facebook, which was often described
with what they used it for, which is a later question. These two questions are however closely
related, and Table 6.5 summarises what users said they were using Facebook for. No categories are
mutually exclusive, which means that a user can be registered in several categories. In addition to
what Facebook is used for, two users said that they are registered because their friends are
registered. When the users was asked why they felt that Facebook was not an important part of
their life, almost everyone said that it was a nice thing, but it was not a necessity of their life and
46
that other things like school was more important. They used it however like a tool to keep in touch
with others, both local and distant friends and family members.
Figure 6.8: Friends and log in frequency on Facebook
Table 6.5: What is Facebook used for?
Category
1
2
3
4
5
6
7
Reason
Communicate (talk) with friends
Watch pictures
Keep updated
Share pictures
Get to know new friends
Nose around
Play poker
Frequency
14
12
6
4
1
1
1
The participants were asked what they think about privacy in Facebook, and not everyone had a
lot to say. Three participants said that they are satisfied with Facebook’s privacy and six
participants said that they feel it is not good enough. Examples are:
“There are some users that have had some unwanted things published about themselves on Facebook. This
is sad, and I don’t think many users are aware of the consequences it can have to publish pictures of others
that you have been told not to publish.”
“I think that one is vulnerable, but I don’t care, it’s not that important.”
6.2.2 Usage of the iPods
When it comes to usage of the received iPods, six of the users stated that they have used it a couple
of times, two stated that they have used it fairly much and six clamed that they have used it a lot, as
shown in Table 6.6.
Table 6.6: How much the participants have used the iPod
Category
Used it a couple of times
Used it fairly much
Used it a lot
Frequency
6
2
6
47
Percent
37.5
12.5
37.5
When asked to range how much they have used it at home, at school and other places (on a 1 to 5
scale), at home got slightly higher score than other places. It was used least at school. All three
places had a fairly high average value however, with 3.14, 3.07 and 2.50 respectively. When asked
what they used it for, the different activities are ranged in Table 6.7. It shows that, not surprisingly,
listen to music was the far most popular activity. In fact, 8 of 14 users rated listen to music to 5 on
the scale. It also seem that ‘everyone’ used the iPod to surf the web, as all except one user has rated
this activity to 2 or higher at the scale.
Table 6.7: Activities the iPod was used for
Range
1
2
3
4
5
6
Activity
Listen to music
Surf the Web
Watch saved videos
Be at YouTube
Use The FriendRadar
Other things
Average value
4.49
2.93
2.14
2.14
1.64
1.50
Figure 6.9: Difficulty the users had in using the iPod
Figure 6.9 shows how difficult the users found the tasks of connecting to wireless internet, surf
the web and upload music to the iPod was. In general, the users seemed to find all tasks quite easy,
especially uploading music. Each task had only four users that found the task either difficult or very
48
difficult. The users that find it difficult to connect to wireless internet are the same users that find it
difficult to surf the web, which is quite naturally. One user thought all tasks was very difficult, and
the three others that thought uploading music was difficult were spread from very easy to medium
on the two other tasks. Figure 6.10 shows how difficult the task was distributed on gender. The
clear tendency of the graphs in the figure is that the males thought the three tasks were easier to
perform than the females.
Figure 6.10: Difficulty the users had in using the iPod based on gender
Figure 6.11 shows that users tried to connect to Wireless Trondheim more times than they
actually managed to connect to Wireless Trondheim, which is natural. But the differences here are
so obvious that it is clear that users had difficulties with connecting to Wireless Trondheim. As
Figure 6.12 shows, the users that have never managed to connect to Wireless Trondheim have tried
to connect between four an ten times. The only participant that has managed to connect as many
times as tried to connect is the user that had tried to connect the fewest times, namely 2-3 times. The
impression that the users had difficulties with connecting to Wireless Trondheim is further
strengthened by the answers of question 21, where 13 of the participants felt that the coverage of
Wireless Trondheim was too bad to be used in practice. The three remaining users said that they did
not know if the coverage was good enough, and two of these had not received any iPod. In this case
there were no significant differences between the genders, both the males and females tried and
managed to connect to Wireless Trondheim in the same extent. One notable thing about the data
presented in the right graph in Figure 6.11, is that the participants of the questionnaire has in
average connected to Wireless Trondheim fewer times than registered in the actual data. Either the
49
population from the questionnaire did not include those that used Wireless Trondheim the most, or
users had an impression that they actually managed to connect to Wireless Trondheim more rarely
than they actually did.
Figure 6.11: Tried and managed to connect to Wireless Trondheim
Figure 6.12: Managed to connect to Wireless Trondheim based on times tried
6.2.3 Usage of The FriendRadar
The actual usage of The FriendRadar has been logged and is presented in Section 6.1. The data
presented here are based on what the respondents remember, and are not as accurate as the
information in Section 6.1. Here however, the answers from various questions can help drawing
lines between factors and identify which kind of users that want to use the system and which that
will not use it. Answers that are substantiated by text answers can also give a sense of not only what
the users do, but why they do it.
Figure 6.13 shows how many times the users have logged in to The FriendRadar from the iPod
and from a regular computer. It shows that five users never have logged in to the system from the
iPod and two users have never logged in from a computer. The users that actually has logged in
from the iPod however, have logged in more often from the iPod than from a computer. Figure 6.7
50
shows a graph that combined the times users have logged in from a computer and from the iPod. It
shows that one of the respondents have never logged in at all, in addition to the two respondents
that did not receive an iPod. One user has logged in from the iPod (2-3 times), but never from a
computer and four participants has logged in from a computer (two 1 time and two 2-3 times), but
never from the iPod. The remaining eight respondents have logged in both from a computer and
from the iPod. The users that have logged in most from a computer are the same users that has
logged in most times from the iPod.
Figure 6.13: How many times the users logged in to The FriendRadar from the iPod and from a regular computer
Figure 6.14 (left part) shows how many friends the respondents stated they had on The
FriendRadar, and it shows that it corresponds fairly well with the real numbers of friends registered
in the system. The right part of Figure 6.14 shows that the two participants with no friends, never
logged in to The FriendRadar from the iPod and that the three participants that logged in with the
iPod 4-5 times all had 11 or more friends. The tendency is therefore that the more friends a user
have, typically over ten friends, the more often the user logs in with the iPod.
Figure 6.14: Friends in The FriendRadar
Figure 6.15 shows six of the respondents logged in to The FriendRadar with the intention to
check their friends’ location. Of these six, two states that they checked one time, three states that
they checked two times and one states that she or he checked five times. The five participants that
never logged in from the iPod are of course among the eight participants that said they never
51
logged in to The FriendRadar to check their friends’ location. The graph to the right in the figure
shows a tendency that more of the respondents with many friends (except the one with more than
15 friends), have tried to check their friends location. The participants that stated that hey never
had logged in to check their friends’ location was asked to substantiate why they did not do it.
Seven of the eight that answered no, gave an answer and all of these seven blamed technical
problems as the main reason. Wireless Trondheim was mentioned by all the users as the main
problem. A couple of interesting answers are:
“Because I rarely am inside the coverage area of Wireless Trondheim” (7-10 friends)
“I can imagine that it would be of more interest to log in to The FriendRadar if I had more friends (like
MSN or something) where there always is someone logged in, but since nobody was logged in each time I
checked, I lost the interest. Another thing is that even if all the test persons was downtown, the network
was very bad, and almost none of the users managed to log in on Wireless Trondheim” (More than 15
friends)
Figure 6.15: The numbers of times users has logged in to check their friends location
As shown in Table 6.3, there were five users that had the possibility to see some of their friends
on the map during the test period. Figure 6.16 shows that of the participants that answered the
questionnaire, five of them said that they have found some friend on the map of The FriendRadar,
which make it probable that all the users that actually have seen some other users on the map has
answered the questionnaire. The users blamed, with one exception, either Wireless Trondheim or
their own incapability to log in as the reason for not finding any friends. The one exception said
however: “Because nobody has been logged on when I was.” which is blaming the low user mass that
probably is a consequence of the technical issues concerning Wireless Trondheim. Of the five users
that have seen some of their friends on the map, two stated that they have tried to find them
physically after locating them with The FriendRadar and one of these two has actually managed to
find one of the friends. The one participant that did not manage to find the friend, answered when
asked to write why she could did not find the friends that “I have not tried”. This means that only
one of the participants tried to find the friend, and this participant succeeded in doing it. The users
that did not try to find the friend(s) they located on the map, and gave a reason for it, gave the
following reasons:
“I did not have the energy to do it at the time.”
“The opportunity has not been there.”
52
“Because I haven’t had the need to do it.”
Figure 6.16: Have users seen some of their friends on the map?
Question 50 asked the users if they wanted to use a similar system as The FriendRadar if all the
shortcomings of the system were fixed. Figure 6.17 shows that 13 of the participants stated that they
would use such a system which are over 80 percent of the users. Two of the three that was negative
to such a system had received an iPod, which implies that one of the positive ones did not receive
an iPod and did not participate in the experiment. All the three participants that answered no to use
a similar system was females and surprisingly, as Figure 6.18 shows, two of the users that would
not use a similar system stated that Facebook is an important part of their lives. There were not
significant differences between the yes and no answers to question 50 when it comes to number of
friends on Facebook, friends on The FriendRadar and number of times logged in to The
FriendRadar.
53
Figure 6.17: Will the participants use a similar system?
Figure 6.18: Facebook importance based on interest in a future system
The participants were further asked to write what they thought of the concept of The
FriendRadar, and the possibility to locate their friends. Everyone that answered yes to question 50
answered the question and was naturally positive to the concept, except one respondent that said
“it was tiresome and unnecessary”. Only one of the respondents that said they would not use a future
system answered, and the answer was: “Okay opportunity for those who want it”. Some of the other
positive answers were:
“I think the concept is exciting, original and fun.”
“Very good! Great that one can find each other and that one can turn it off if one want to.”
54
“It is a nice concept for finding your friends, but I think it will be used more by parents that want to
know the location of their children.”
“I think it is a very interesting concept, I don’t know if it is any reason why you have to be connected to
Wireless Trondheim, but it would be cool if one could be connected to any wireless network because
Wireless Trondheim is not good enough.”
In general, the answers of the respondents showed great enthusiasm about the idea and concept of
be able to locate their friends. The participants were also asked if they had any other comments
concerning The FriendRadar. Many users used this field to express dissatisfaction with the quality
of Wireless Trondheim:
“It was kind of boring that Wireless Trondheim never worked on my iPod.”
“Wireless Trondheim did not have good enough coverage. It was slow and it did not work on my school
(Katta10).”
One user also said it was too few users on the system:
“I can not say how it was to use the system in practice, because too few users had the possibility to connect
to it.”
Figure 6.19: MSN or Facebook like system
In question 57 the users was told to imagine a future system where one could be located
anywhere, and asked whether they would prefer a system that was very similar to MSN Messenger
or a system that was very similar to Facebook, both of course with the positioning functionality.
Figure 6.19 shows that MSN would be the preferred system by nine of the respondents, and seven
would prefer a system with Facebook’s functionality. A strange thing is that eight of the nine users
that answered the MSN system, chose to substantiate their choice with a textual answer. Only one
10
’Katta’ is a slang word for Trondheim Katedralskole, where the test subject was collected from.
55
of the seven that answered Facebook did the same. The users that answered Facebook wrote: “It is
about the same for me, but I use Facebook more often”. Most of the respondents that answered Facebook
were clearer about why they chose it, but they had very different reasons:
“Easier to communicate directly, that is what it is most need for.”
“It is more ‘social’.”
“If one is going to be localised anyway, the MSN system I better, because it is more private.”
“I feel that the MSN system is better. You don’t need any web browser and I feel it demands less effort to
log in there. It is just to turn on the computer, and you’re logged in:”
“Have used MSN the longest, and feel safer with it.”
Two more users said it was because it was better with direct contact, just as said in the first quote.
One final user that said that she would prefer MSN said the following:
“Here is my answer in reality a mixture of the two systems. Where you could send direct messages to the
users that are currently logged in, and a system that makes it possible to send messages to users that is not
logged in , such as the person received the message the next time he logs in.”
The left part of Figure 6.20 shows that the proportion of respondents that would prefer each
system is almost the same in both genders, with one more respondent preferring MSN in each
gender. The right part of Figure 6.20 shows that among the respondents that uses Facebook several
times per day, Facebook is definitely the most preferred future system. Only two of eight
respondents that state they use Facebook daily would prefer Facebook as the new system, and both
respondents that use Facebook rarer than daily would prefer MSN.
Figure 6.20: MSN or Facebook preference distributed in gender and usage of Facebook
Results from question 29 and question 30 which asked how many times the participants had
tried and managed, respectively, to find themselves on the map of The FriendRadar are not
presented because the results show that the respondents had clearly misunderstood these questions.
The purpose was to get to know how many times the users had spotted themselves on the map, but
many users said that they had spotted themselves fewer times than they have spotted others, which
is impossible following the way the system was implemented.
56
6.2.4 The FriendRadar’s influence to its users
As mentioned in the previous section, five users found their friends on the map at least one time.
One of these users actively tried to find the friend(s) physically, and the user succeeded in doing so.
This is a behaviour that is affected by The FriendRadar. The users that did not try to find their
friends either said that did not have the opportunity, did not have the energy or that they had no
need to do it at the present time.
Another way the system can influence the users’ behaviour, is if the users do something they
normally would not do as a consequence of their knowledge of that others can locate them
(Research question 2.2). Question 41 of the questionnaire asked the participants if they have
behaved different when their iPod was connected to Wireless Trondheim. None of the respondents
said they had behaved in a different way. When asked how many times they deliberately avoided
connecting the iPod to Wireless Trondheim because they did not want to be located, all the
respondents said that they never had done it. When asked if they had left the iPod somewhere else
deliberately to let others think they were located at a place they were not, all the respondents
answered, not surprisingly, that they have not.
6.2.5 The users’ privacy feeling in The FriendRadar and the need of privacy mechanisms
None of the participants felt that the iPod combined with the positioning-functionality of The
FriendRadar had disturbed their personal life during the test period (Question 40). One respondent
stated that he was afraid that the system administrator or others would use location information or
other information about him to something he was not aware of (Question 47). When asked to
explain what he was afraid of, he wrote: “I don’t know, I just remember that I thought about it”.
One of the privacy mechanisms that were implemented in The FriendRadar was that users only
could see their friends’ location when they themselves could be located by others. In other words,
the users’ iPod had to be connected to Wireless Trondheim to see their friends’ location. Question
25 in the questionnaire asked the participants if they would have used the system more, less or the
same if they could see their friends’ location independent on which network they were connected
to. Figure 6.21 shows that five users would use it more and nine users thought that they would use
it about the same as they did now. Notice that no users thought that they would use it less than they
did now. Figure 6.22 show which users that have answered they would use the system ‘The same’
and which that have answered that they would use the system ‘More’ to question 25. The top left
graph shows that it is generally the male respondents that will use the system more, as it is only one
female user that says she would use it more. In fact, among the respondents that said they would
use it about the same there are 78 percent females and among the respondents that said they would
use it more there are only 20 percent females. The top right graph shows that it is the users that
used the iPod the most, which stated they would use the system more if the friends could be located
regardless of network. The bottom right and the bottom left graph shows that it is also the users that
actually managed to use the iPod that would use it more, if they could locate their friends even if
they were not connected to Wireless Trondheim themselves. The graph showing the same data with
how much users has logged in to The FriendRadar from a regular computer are not shown, as the
distribution in that case was fairly equal between both cases, which means that there was no
differences between the respondents that said they would use it more and the respondents that said
they would use it about the same. As mentioned earlier there was a field in the questionnaire
where the users was asked to write any comments about The FriendRadar. One of the users that did
not receive an iPod wrote: “It is a great opportunity that you can deactivate The FriendRadar, such as it
won’t show. In addition is it great that one cannot see others when deactivated in such a way that espionage
are avoided”.
57
Figure 6.21: Would the system be used more or less if users could see friends’ position regardless of network
Figure 6.22: Various questions based on if the system would be used more or less if the user's friends could be
positioned regardless of the user's network
58
Another security mechanism that was implemented in The FriendRadar was the possibility to
choose the map privacy setting between friends. As described in Section 6.1.3, all the users chose
the setting ‘map’ in all their friends connection, which means that all users allowed all their friends
to see them on the map. Therefore as expected, all the respondents answered ‘No’ when asked if
there were any friends they did not allow seeing on the map. The users had the possibility to
comment this answer, and two users chose to do it:
“I can’t really see any problems with that people know where I am.”
“I did not have anything against that they could see where I was, since they only could see me in the city
centre.”
Figure 6.23 shows the number of users that thought they would use a ‘lie’ functionality if it was
implemented in the system, which means that the users could say they were located at a different
place than were they actually was (This was also explained in the Norwegian version of the
question). Two users claimed that they would use it and six users said they would not use it. The
remaining six did not know. The users had the possibility to comment their answer to this question.
One of the users that answered yes commented and wrote: “It would be fun to fool somebody”. None of
the users that answered that they did not know chose to comment, but all six that answered no
commented their answer:
“Then it isn’t 100% true. What’s the purpose of The FriendRadar then?”
“If I did not want them to see me, I would just have logged off the network.”
“Don’t see any reason to lie about where I am located in the city centre.”
“I can’t see the problem with people knowing where I am.”
“I can’t see the problem. If I don’t want people to know where I am, I could log off the network.”
“Can’t see any use of this functionality.”
To summarise, five of the respondents felt that there was no use of this kind of functionality and
one felt that this would ruin the concept of the friend radar.
59
Figure 6.23: How many users that would use a lie functionality
Question 53 asked if the users would have used The FriendRadar more or less if the system
would locate the user everywhere, independent of which network the user was connected to. It is
important to note the difference between this question and question 24 which asks if the user would
use The FriendRadar more or less if she could see her friends’ location independent on whether or
not she was connected to Wireless Trondheim. Question 24 is asking about if the users want location
reciprocity implemented. Question 54 is asking if the users would use it more or less if they, and
their friends, could be located anywhere in the world. The result of this question is shown Figure
6.24. One user would use it less, six would use it more and seven would use it about the same. The
one user that would use it less substantiated this with: “One needs a private life”. It was four
comments from the ones that would use it more:
“Then you could actually use it (the system).”
“It had given it a new dimension.”
“If one didn’t have to only use Wireless Trondheim. If one could see everyone on every network I would
have used it more.”
“I am not often inside the limits of Wireless Trondheim, so I would have used it more if it could be used in
the entire city.”
The comments from the users that said they would use equally much as today was:
“A little scary that it could not be controlled by me.”
“Then I probably would not have allowed the same kind of friends to see where I was.”
60
Figure 6.24: Would you use the system more or less if you could be located independent on network?
Figure 6.25 indicates that there is no connection between the answers of the users in question 24
and question 54. In fact, the only user that said he would use it less if one should be localised
anywhere, would use it more if he could localise his friends in Wireless Trondheim, independent if
he could be localised by them or not. Figure 6.22 showed four diagrams that showed what kind of
users that answered what to question 24. The tendency is the same for all questions presented in
Figure 6.22 when compared to question 54, except one: Figure 6.26 shows that the majority of the
users that would use the system more have never logged in to The FriendRadar from the iPod,
which was not the case with question 24. The figure also shows that the male users was dominant
among the users that would use it more, and that the only user that would use it less also was male.
Figure 6.25: Crosstab between use the system more or less if located everywhere and locate without connected to
Wireless Trondheim
61
Figure 6.26: Gender and how many times the users that would use the system less, more or the same have logged
in to The FriendRadar
Figure 6.27: Allow the same friends to see you on the map?
Figure 6.27 shows that half of the respondents would have allowed the same friends to see them
on the map in a system where you would be localised anywhere, and half would have allowed
fewer friends. No respondents would, as expected, have allowed more friends, which in practice
only were an alternative that was included to cover all possible answers, which made the
alternatives exhaustive. The left diagram in Figure 6.28 shows that females are very dominant
among the respondents that would have allowed fewer friends to see them on the map, as six of
seven respondents were women. The opposite tendency is shown among the respondents that
would have allowed the same friends. The right diagram in Figure 6.28 show that the proportion
between the users that would prefer Facebook or MSN with positioning functionality is complete
opposite in the two categories. The respondents that would allow fewer friends were dominated by
MSN people, and the respondents that would allow the same friends were dominated by Facebook
people.
62
Figure 6.28: If users would allow the same friends to see the map split in gender and Facebook/MSN preference
Figure 6.29 show that if one could be located anywhere, 11 users (73 percent) think they would
have used a lie functionality. This is in contrary to the number of users that thought they would use
a lie functionality in The FriendRadar, which only was two users. By an unfortunate mistake was ‘I
don’t know’ not an alternative in this question, as it was in the lie question about The FriendRadar
(Question 45). However, as shown in Figure 6.30, four of the ‘No’ respondents from the question
about The FriendRadar have changed to ‘Yes’ in this question and only two are still ‘No’. It is
impossible to know how many of the ‘Don’t know’ respondents that had answered ‘Yes’ to the first
question if they were forced to, nut it is probable that they actually did not care since none of them
wrote any comment with the answer. It is however probable that more users would have answered
‘Yes’ to this question than to the first one even if they had not been forced to make up an opinion,
since many in fact changed their opinion from ‘No’ to ‘Yes’. One of the ones that answered ‘No’
substantiated the answer: “I still can’t see any places where I can’t stand for being”. Three of the
respondents that answered ‘Yes’ commented their answer. Their answer to question 45 is written in
the parenthesis:
“For safety.” (No)
“To fool someone.” (Yes)
“I think maybe someone would use it for not showing at places they are a little embarrassed over or to show
that they for instance not are at home all the time.” (Don’t know)
63
Figure 6.29: Would you lie if you were located everywhere?
When asked if they would use a turn-off functionality in a system where you would be located
everywhere, 13 participants said that they would use it and only one participant stated that he
would not use it. This one participant is one of the participants that said he would not lie in both of
the lie questions. He also used the same comment when he substantiated his answer: “I still can’t see
any places where I can’t stand for being”. Six of the no respondents added a comment to their answer:
“To hide.”
“In some situations where you want to be left alone.”
“So people can’t locate me at any given time.” (Two almost similar comments)
“I would might use this functionality if I was downtown and saw someone I know was nearby that I don’t
want to meet, so this person would not try to go and see me.”
“It is more secure, it can be ‘fake’ profiles on The FriendRadar also.”
64
Figure 6.30: Comparison of the 'lie' questions
Figure 6.31: Number of participants that want to use the system with and without the possibility to turn off the
positioning
The left chart in Figure 6.31 shows the amount of users that want to use either the MSN or
Facebook system with continuous positioning functionality if it is not possible to turn the
positioning off. Five users said they would not and two said that they would use it. The right graph
shows the number of users willing to use such a system if it is possible to turn the positioning off. It
shows that eleven users stated that they would use it and five where unsure. No users said that they
definitely were not going to use it. Figure 6.32 shows that seven users went from ‘Maybe’ to ‘Yes’
and two users went from ‘No’ to ‘Yes’ when the possibility to turn the positioning off was
introduced. Three users went from ‘No’ to ‘Maybe’. The left chart in Figure 6.33 shows that a higher
amount of the participants that would prefer the system most similar to MSN was sceptical to use
the system without the possibility to turn the positioning off. The right chart in the same figure
shows that when this possibility was introduced, the positive and unsure users were almost evenly
distributed between the two systems.
65
Figure 6.32: Combined results of thought usage with and without possibility to turning off positioning
Figure 6.33: With or without positioning distributed on MSN/Facebook preference
6.3
The interview
The one interviewee that was interviewed is a male and is 17 years old. He was a part of the
experiment and received an iPod. He carried the iPod with him almost always and he used it
mostly for music and videos, but also The FriendRadar sometimes. He had another iPod from
earlier, but used this one because it was newer. When asked what he thought about the iPod he
answered:
“I thought it was stylish. I haven’t seen any others that have touch screen like that. It was fun to use it
since it was something new. I was a little disappointed with the capacity of the hard drive, but there exists
versions with larger capacity.”
He further was asked if he thought it was simple to connect to wireless network with the iPod:
66
“At home there were no problems, but here at school and in the city it was a little problematic because of
some networks that are password protected. In Wireless Trondheim, I thought we would have access, but it
did not work right away. I don’t know why, but we had to go and re-establish the user profile and write a
new password and stuff and then it worked after a while. At home I have the password so it worked right
away. In Wireless Trondheim was a little problematic that you could not move around. I connected to
Wireless Trondheim about five times I think.”
He felt that the web-browser (Safari) of the iPod was quite easy to use. When asked if he thought
the iPod was a suitable device to use for testing the system he answered:
“Absolutely suitable! A mobile phone would have smaller screen. I would have been sceptical to a mobile
phone because of the screen. It would have been difficult to get the overview.”
He has had a profile on Facebook for about half a year. He uses it about once a day and has between
150 and 200 friends. He was asked what made him decide to register to Facebook:
“A big reason was because I knew my friends had it. I was a little against it at first, the arguments was
that one could keep in touch with old friends and stuff. The first thing I though was that I have contact
with the friends I want to be in touch with anyway. But then I finally created a user because my brother
moved to Holland. So I thought I could keep in touch with him, and it led to that I accepted friend request
from others. Then it just escalated from there.”
What he uses Facebook for and what he thinks is good and bad with Facebook:
“Mostly to check if someone has added pictures from things I have been participated in. Check if people I
don’t have daily contact with have written something in my inbox or on my wall and upload pictures and
stuff myself. A little chat since that has arrived now. I think it is a lot with that privacy stuff about who
has the rights to the pictures and stuff. When I read that you don’t have control over your own pictures I
totally freaked. It seems like, what should I call it, humbug, with things that not are as safe after all when
you publish it. One has to be careful not to publish things you don’t want others to control. Beside that I
feel that it is a simple way to keep in touch with people around you with all you can share and stuff.
Haven’t had any problems with the system.”
He has had MSN Messenger much longer than he has been registered on Facebook. He is logged as
long as the computer is turned on, except when he really needs to concentrate on other things. Even
if he is logged on constantly, it will not say that he is always active on MSN. He can be away from
the computer for hours and still be logged on. He has more friends on Facebook than on MSN,
because it is not so much direct communication on Facebook. The contacts on MSN are closer
friends, and he thinks he has all his MSN contacts as friends on Facebook. He thinks MSN are the
more important of the two systems, because he has been registered on MSN longer than Facebook.
He logged in to The FriendRadar about five times from the iPod and one time from another
computer. He had about 15 friends in The FriendRadar and they were his friends because they were
a part of the project. Many of the friends were his friends from earlier, but not everyone even
though he knew everyone a little from before. He said that he would not have all the friends from
The FriendRadar if it had been a system out on the market. When he was asked about what he
thought about The FriendRadar he answered:
“First time I heard about it, I had never heard about something like this, it was original! I have not quite
thought about how much use I could get from the system or not, for me it take some time to get in and get
it as a part of the agenda in a way. But I thought it was fun. I thought it was much more fun at first than
67
what I found out when I used it. Interviewer: But if it had been easier to connect to Wireless
Trondheim? -Absolutely, I think that would have improved it a lot!”
He thinks that his classmates had about the same impression as him about the system, and had
never heard about anyone that thought it was just stupid.
He managed to locate himself on the map every time he logged in with Wireless Trondheim. He
found some of his friends when they went in actively to try and find each other to check how the
system worked, but he never logged in just to check if some of his friends were nearby. He did not
act in a different way because of The FriendRadar, but imagines he could do if it was more a daily
routine to use the system. He never felt that The FriendRadar disturbed his private life, but he could
imagine it would if it was a big thing. As he says, he knows about people that turn off their mobile
phones because they do not want to be disturbed. He both received and sent messages in the
system, and thought it worked fine.
When asked if he missed anything in The FriendRadar he said that it would be cool with profile
pictures on the map, instead of the ordinary marker. He did not think that it would be important to
share photos and videos, but it could be cool to link them to the map. He thinks that a functionality
that showed the last known location of his friends together with a timestamp could be useful, so
you could call them if they had been nearby recently. When confronted with the implemented
privacy mechanisms he answered:
a. Choose if you want to show on the map or not with each friend: “This thing is for finding your
friends, so I think it would be strange to remove them. Would rather not accept them as a friend.”
b. That it is only possible to see other location when they can see yours: “It makes it fairer like you
can not snoop on people.”
With possible privacy mechanisms:
c. Grouping of friends with different setting: “It could make it easier to get an overview, but not for
privacy.”
d. Get a notice when localised by others: “Yes, that would have been nice!”
e. Lie about you location: “Only for fun, but I would rather log off if I did not want people to see me.”
He said he would use The FriendRadar as it is if it was put on the market, but it had to be better
connection with Wireless Trondheim and one had to be able to move and not loose the connection.
He would be a little more sceptical if he could be localised anywhere and anytime. He would have
limited his friends (contacts) to only his nearest friends (classmates and family). Only people it
would be normal to hang out with on his spare time.
For a future system with positioning functionality he would choose a system that was more like
Facebook than MSN, because he is used to that Facebook has all kind of different functionality
already. He points out that he wants it to be possible to turn off the positioning functionality even
though he is logged in on Facebook. He would definitely have a map instead of showing just the
distance of his friends or a written location and he would finitely have fewer friends in such a
system.
Then he was confronted with privacy mechanisms in a system that localised his mobile phone or
mp3-player anywhere and anytime, and asked if he wanted them in such a system. He said that the
possibility to turn the positioning functionality off was essential. He would not have used such a
system if it was not possible to turn off. He also thought that it was great that you only could see
your friends’ location when you could be located yourself. He thinks grouping of friends (with
68
different privacy settings) would be ok, but not very important. To get notice if others localises
would be a great functionality but not essential, and he also imagines in a system where you always
will be located, it could be situations where he could use the lie functionality. If all his wishes of
privacy mechanisms were granted, he would definitely use the system. He also states that he
probably would be willing to pay for it, but it depends both on the price and how great the system
actually is. Finally he was asked if he had other comments:
“I think it was very fun to be a part of this experiment, I’m very happy for it. It is because I am interested
in such things myself. I thought the system was a great idea, I have never heard about anything like it. I
know GPS, but not combined with Facebook and stuff.”
69
70
7
Discussion
This chapter will first present the discussion of how the research was performed through the
project. Further, it will treat the research questions of this master’s thesis. Finally, threats to validity
will be discussed.
7.1
The research
This section will discuss all the areas about the way the experiment in this master thesis has been
planned and performed.
One of the requirements of this master’s thesis was that a system with positioning functionality
that uses mobile devices connected to Wireless Trondheim should be developed. Therefore, there
was not any discussion about which positioning technology that would be chosen, as Wireless
Trondheim already had GeoPos implemented. GeoPos worked well however, so there would be no
reason not to use GeoPos. It was easy to implement, and the positioning accuracy was better than
for instance GSM triangulation. This was not the case when it comes to Wireless Trondheim.
Wireless Trondheim seems to work excellent if you are sitting on a bench with a laptop, or any
other mobile device with Wi-Fi connection, and want to check your e-mail or read a newspaper
online. But as soon as you start moving problems appear. The experiences from the pre-testing of
the system, with the six students and employees from NTNU were mixed. On one hand it was a
satisfying feeling to see that the system worked, and that the users actually were able to locate each
other. On the other hand it became apparent that Wireless Trondheim easily could cause problems
for the test persons. The persons that participated in the pre-testing showed both great enthusiasm
about the system and the fact that they actually could see the location of the other users, but at the
same time great frustration about Wireless Trondheim. The problem was mainly that when moving,
the network connection was lost. This is apparently not satisfying to a system which is focused on
locating users moving around with small mobile devices. Many of the actual test users also
expressed dissatisfaction with Wireless Trondheim in the questionnaire. Figure 6.12 shows that
every user except one tried to connect to Wireless Trondheim more times that they actually
managed to do it. This shows that the network was not only insufficient when moving, but it was
also difficult to connect to Wireless Trondheim in the first place. The six persons that participated in
the pre-testing all either are studying towards a master degree in computer science or has studied
computer science, so one can say that they are above average skilled with computers, but even they
had troubles connecting to Wireless Trondheim. Table 6.1 shows there four users that never
managed to connect to Wireless Trondheim and Figure 6.11 shows that everyone tried at least 2-3
times. Many of the textual answers presented form the questionnaire also shows that there is a
frustration about Wireless Trondheim among many of the respondents. Also the interviewee talked
about troubles with Wireless Trondheim, and since he said he was quite interested it these kind of
things, there must be assumed that he also has an above average knowledge about computers. The
users complain about the coverage, about the speed, the fact that you could not move around and
that it did not work at the school. Trondheim Katedralskole is at the edge of the coverage area, and
it was known that it would cause some troubles connecting to the network at the school, which can
cause some parts of the frustrations. Wireless Trondheim does not work at most indoor locations
either. However, it is pretty obvious that Wireless Trondheim is not yet suited for this kind of
usage.
When it comes to the choice of the mobile devices, the iPods seems as a great choice. Table 6.6
shows that most of the participants stated that they used it fairly much or a lot, and listen to music
was the far most used activity. This is also an important feature, as the Wi-Fi connection at the iPod
shuts down after a while of inactiveness. But if it is used, for instance plays music, it will not shut
down. Figure 6.9 shows that in general, the users thought it was pretty easy doing tasks as connect
to wireless network, surf the web and upload music. That indicates that the iPod was user friendly
71
enough for the test users. Finally the interviewee stated that he though the device was fun to use
since it was new and that it looked great. He also was very satisfied with the large screen, and felt
this was a more suitable device than for instance a mobile phone.
Finally, the test persons were chosen, as mentioned earlier, because their school is located inside
the coverage area and because they already have access to Wireless Trondheim. In retrospective, the
test persons seemed to be the right choice. It would of course had been better if the school area had
better coverage, but the school’s location led to that the pupils had to be downtown each day
anyway. The pupils was also in an age group that would be one of the probable users of such a
system, and many users also showed happiness of being able to borrow the iPod for a month. They
also had a very helpful teacher that made the process easier, so it would probably be difficult to get
better test persons.
7.2
RQ-1:
RQ-1
Are people willing to use a system with functionality for locating and interacting with their friends
and family using a mobile device connected to a wireless network?
This research question asks basically if people are interested in locating their friends and family and
communicate with them trough the same device. A requirement that must have been fulfilled
before you can be able to locate your friends and family, is that your friends and family must have
shared their location with you. Therefore this research question also asks if people are willing to
share their own location information in exchange for the ability to locate their friends and family.
Judging from the usage of The FriendRadar, one could say that it seems like users are not
interested in systems where they can locate their friends. The users did only log in an average 3.06
times during the 29 days long test period. If this number is compared with the test persons self
declared use of Facebook, it is a very small number. 14 of 16 of the respondents of the questionnaire
said they logged in on Facebook daily or more (Figure 6.8). This would probably lead to an average
of about 30 logins per user on Facebook during the same period. The user that had registered
definitely most logins to The FriendRadar during the period had only 10 logins. This is clearly an
indication to that the users were not very interested in using the system, at least not compared to
Facebook. It is however probable to assume that this low log in rate can, at least partly, be explained
by the difficulties the users had with Wireless Trondheim. Even though most of the test users said
that they used their iPod fairly much or a lot, they have only connected to Wireless Trondheim an
average of about 2.82 times during the test period, which seems fairly correct according to the
number of times the users claimed that they connected to Wireless Trondheim (Figure 6.11). This
indicates that even though the users has an available network that they could use free of charge in
the downtown, they have not used it. This is confirmed by the negative comments about Wireless
Trondheim both by the interviewee and the respondents of the questionnaire. Two questions from
the questionnaire that was meant to give an answer on how the users would react if some
mechanism was removed that in theory would give them less privacy when using the system, can
actually be helped to illustrate how hampering Wireless Trondheim was for the usage of The
FriendRadar. The first question was if the users would use the system more or less if they could
locate their friends that were connected to Wireless Trondheim, even if they themselves were not
connected to Wireless Trondheim. Five users answered that they would use it more and the
remaining nine answered that they would use it equally much as they did now. In practice this
could have made the user experience even worse, because this could lead to that nobody would
ever connect to Wireless Trondheim, which again could lead to that nobody shares their location
and therefore nobody could ever be located. Anyhow, it shows that Wireless Trondheim was
inadequate. Another question was if the users would use the system more or less if they could be
located everywhere independent of which network they were connected to. Six would use it more,
72
seven the same and one user would use it less, as shown in Figure 6.24. In reality this could pose a
big threat to ones personal life, but most of the users only saw the positive opportunities in this
proposal. The users that added a textual comment to their answer said that this would give the
system a new dimension and this would lead to that the system actually could be used (as opposed
to The FriendRadar). One user also mentioned that it would be easier to use, because she was rarely
inside the coverage area of Wireless Trondheim. This question also received negative comments
however, as one user that said it would be scary and another that said she would allow fewer
friends. The one user that said she would use it less said that one needs a private life. The users’
privacy feeling and privacy mechanisms will be discussed more under the discussion if RQ-3 and
RQ-4.
Another important factor that can explain the low login rate of The FriendRadar is that it is in the
nature of social network services that they need a large user mass to survive. Nobody would have
used Facebook if there were no other registered users there. It becomes a vicious circle; the
difficulties with Wireless Trondheim lead to that few or no users are connected at the same time,
which again leads to that the users that actually manage to log in, loose the interest in the system
because there are no other users connected at the same time as them. In a synchronous system like
The FriendRadar, the users have to be connected to Wireless Trondheim at the same time to be able
locate each other. Table 6.3 shows that there actually was only three times it happened that two or
more users was connected to Wireless Trondheim at the same time, and in only two of these cases
was the users involved actually friends with each other. It is in fact only a total of five users that
during the test period had a chance to see some of their friends on the map. These problems
combined with the initial low user mass of only 23 possible users, seemed to be enough for the
users to loose interest in the system. The interviewee confirms this assumption as he says that he
thought the system would be more exciting to use than it actually was, but said that he probably
would have another impression if Wireless Trondheim worked better. This is explicitly pointed out
by especially one of the respondents of the questionnaire. This respondent said as an explanation to
why she never had logged in to The FriendRadar with an intention to check her friends’ location
that she probably would have been more interested to log in to The FriendRadar if she had more
friends and if there was always someone logged in like on MSN. She lost the interest since there was
nobody logged in each time she checked. The same thing was explained by another user that wrote
that she could not say how it was to use the system in practice, since too few users had the
possibility to log in to the system. Figure 6.15 shows that the users that actually has logged in to
check their friends location, are among the users with the most friends, which is another indication
that the system could be used more if there was a bigger user mass in the system. The interviewee
also said that even though many of the friends he had in The FriendRadar was his friends in real
life, he would never have had all the friends he had in The FriendRadar as friends if the system was
put on the market. He said further that he would have had few friends in a real system, and that all
his friends would be friends that it would be normal to hang out with on his spare time. This was
also mentioned by one of the respondents on the questionnaire. This could indicate that the users of
The FriendRadar not necessarily had too few friends, but the friends they had was not the right
ones. This could also hamper the user experience of the system.
Even though The FriendRadar was not used that much, some differences between the genders
was found; the females logged in to The FriendRadar a lot more times than the male users, almost
twice as many times in average. At the same time, the male users connected to Wireless Trondheim
more times than the females. This could be an indication on that female users was more interested
in the social aspect of The FriendRadar, while the boys was more interested in the technical aspect
of the system. This indication is strengthened by the fact that all four respondents that hold
Facebook as an important part of their lives is females and that boys said that they managed to
perform various tasks on the iPod better that the girls (Figure 6.10).
If one judge from the results presented in Figure 6.17 it would be easy to answer ‘Yes’ to this
research question, as opposed to what the usage of The FriendRadar might indicate. Only three of
73
the 16 participants said that they would not use a similar system as The FriendRadar if it was put on
the market with all the shortcomings of the system and the positioning fixed. Interestingly, two of
the three negative respondents were among the total four respondents that stated that Facebook
was an important part of their life. An answer to why this is the case would only be speculation, but
it could be that they would be afraid that such a system will ruin their already well-established
relationship with Facebook. One question of the questionnaire asked what the participants thought
about the concept of locating their friends, and most users showed great enthusiasm about the
concept. One user thought it was exciting, original and fun and another thought the concept was
very good. One user liked the concept, but wondered why one had to be connected to Wireless
Trondheim to use it as he thought the network was not good enough. All these answers indicate a
genuine interest from the users in using the system.
The participants of the questionnaire were asked to imagine a future system where they could be
located anywhere, and asked to choose between a system that is very similar to Facebook and a
system that is very similar to MSN. The name MSN is used to describe the application of MSN
Messenger. These two systems were chosen as examples because they are well known to the users
but at the same time quite different. While MSN Messenger is quite simply a chatting application, at
least form the users’ perspective, Facebook are more a message and photo sharing service. The two
services also have a very important difference in that MSN Messenger uses synchronous
communication and Facebook uses asynchronous communication. Figure 6.19 show that the
participants were split in their choice on which service to choose. Nine users wanted a system like
MSN and seven would prefer a system that was more similar to Facebook. The interesting part
however is that only one of the participants that answered Facebook chose to substantiate this
answer with a textual comment, while eight of the participants that answered MSN did the same.
The single users that commented and chose Facebook said he only did it because he used Facebook
the most. The participants that preferred MSN however, were clearer in their choices. Three users
thought it was better with direct contact, one thought it was more social, one thought it would be
more private, another user felt it demanded less effort to log in on MSN and finally one user said
she felt safer with MSN because she had used it longer. The most interesting answer however was
from a user that wanted a mixture of the two systems, where you both could send synchronous and
asynchronous messages. These answers indicate that a system that would have more aspects similar
to a instant messaging service than The FriendRadar would be chosen for a future system. The
positioning is synchronous, and this would probably be a better fit with synchronous
communication. Since almost all the participants that answered MSN did substantiate their
answers, it is also natural to assume that these participants actually has thought their answer more
through and have a stronger preference towards the system than the Facebook respondents.
Another factor that strengthens a system that has more similarities with a messenger system is their
form of direct communication without any central server. If this becomes the case with the location
information as well, the user would be able to trust that no unwanted parties get hold of their
location information. This will help the system to get users centricity, as mentioned by (Bellavista,
Küpper et al. 2008) as the main factor for success for the ‘new’ LBSs. The interviewee however said
that he thought it would fit better in Facebook, because it has a lot of functionality already, and he
would prefer MSN to be as simple as it is now. As the results from the questionnaire shows there
are no difference between the genders on this question, but the users that use Facebook several
times a day would prefer the Facebook system. This is naturally, as they are more used to using
Facebook. As the results show it is a split view among the participants and it will probably be split
between the rest of the population as well. Anyway, the results from the questionnaire show that it
is more preference towards a simple instant messaging system with location functionality among
the users that answered the questionnaire.
The two final questions of the questionnaire asked if the users wanted to use a system where you
would be located everywhere, and in one case could not turn off the positioning functionality and
in the other case could turn off the positioning functionality (Figure 6.31). It shows a significant
74
difference between the two cases. Only two participants said they definitely would use a system
where the positioning functionality could not be turned off, while eleven users said they would use
it if it could be turned off. Five said ‘No’ to a system without possibility to turn off and no
participants said ‘No’ to the system that could turn off the positioning functionality. This shows the
importance of privacy mechanisms for systems to be accepted by users, and especially the
possibility to turn the system off. The prestudy (FindMyFriends) concluded with that many users
saw is at an absolute requirement that it was possible to turn the system off if they would use it in a
city wide environment, and it seems like this (naturally) holds even stronger for a worldwide
system. The fact that 11 of 16 users says an unconditional ‘Yes’ to use a future system if it possible to
turn off, shows that as long as a few, but important privacy mechanisms are fulfilled, users are
absolutely interested in the concept of being able to locate their friends. The interviewee even said
that he could possible have paid for using such system, which was not the impression the users
from FindMyFriends gave. It is however a strong indication that location tracking systems could
have a great future.
So far the discussion has in particular been based on if users want to find their friends and family
with the help of a computer service. It is not difficult to understand that they do. As mentioned
earlier, this naturally leads to that someone need to share their location. Since users of The
FriendRadar could only locate their friends when they themselves were connected to Wireless
Trondheim it is probable that the users understand this connection. The answers of the questions
also indicates that the users naturally assumes that they have to share their own location to be able
to see others location. The survey from Manhattan described in Section 3.2.2 shows further that
people are willing to share their position to get access to the positive things P3 systems offers. The
usage of The FriendRadar in Wireless Trondheim shows that these kinds of systems are dependent
on that there are some users that share their position in the system, or else the users loose the
interest pretty quickly. With users sharing position, the need of privacy mechanisms naturally
emerges. To be able to turn off the system has already been mentioned as an important mechanism.
The earlier research presented in Section 3.4 also confirm that without privacy mechanisms that
offers users feedback and control over which users that can see what, the users will not use
applications that share the user’s location with others. This subject will be further discussed under
RQ-4. It seems that whether a user wants to use an application that shares the user’s location or not,
is determined with a tradeoff between the usefulness of the service and the user’s privacy concerns.
This is shown by the success of Connecto (Barkhuus, Brown et al. 2008). The developers of Connecto
think that the usefulness and the practical use and the awareness of the system outweighed the
users concerns for privacy in the system. Connecto’s success also shows that there is not only
privacy mechanisms that determines the usage of a location-tracking system, but that the user
friendliness is of utterly importance. This is obvious in the usage of The FriendRadar as well, as it
was shown that Wireless Trondheim was not user friendly and that this scared the users away from
the system.
7.3
RQ-2
RQ-2:
Will users of a system with functionality for locating other users behave in a different way than they
normally would?
RQ-2.1: Will a user who knows the location of other users behave in a different way than she normally
would?
RQ-2.2: Will a user who knows that other users can know her location behave in a different way than
she normally would?
RQ-2 is split into two smaller research questions, to make it easier to distinguish between the
behaviour that is caused by the user’s knowledge of their friend’s location and the behaviour
75
caused by the user’s knowledge of the possibility that others can know their location. This section
will first treat RQ-2.1 followed by the discussion of RQ-2.2.
7.3.1 RQ-2.1
This research question asks if the users of a system that makes the users aware of the location of
others, will behave in a different way than they would have behaved if they had not used the
system. Basically, they will behave in a different way only by logging in to the system, because they
would not have done this if they were not using the system. This however counts for all activities,
and will not be discussed here. It is the behaviour that is affected by the fact that the users have
located some of their friends by using the system that are interesting. Colbert’s study about
rendezvous presented in Section 3.3 shows that rendezvous not frequently occurs exactly like
planned, and that 70 percent of the rendezvous needed at least one extra communication between
the rendezvousers, normally made by mobile phone (Colbert 2001). The introduction of mobile
phones in our daily life made us act in a different way, especially when we were going to meet each
other. Colbert states that the negative outcomes of a rendezvous (stress and lost opportunities), has
become smaller after the introduction of the mobile phone, as it for example is easier to give notice
if one know one is going to be a little late. Colberts theory is that these rendezvous will occur with
even less negative outcomes if a location-tracking system could be used. The example he gives
where a mother could see that the father had already picked the kids up at school, and therefore not
have to drive to the school and check, shows indeed an action that is affected by the mother’s
knowledge of her kids’ location. This knowledge however, she could equally well have received by
calling the father’s mobile phone. The outcome would have been the same; the mother would not
have to drive to the school and check if the kids were picked up. The difference in the two situations
is that in the first case the mother got this knowledge automatically without disturbing the father
when he was driving, while in the second case she had to call him. The location-tracking system
made it easier for the mother to get hold of this information, but she did not in fact act in a different
way, except of course of the way she retrieved the information. The Connecto study however
(Barkhuus, Brown et al. 2008), shows behaviour that is affected by the Connecto system’s
positioning functionality. A good example is the user that was at the shooting club and hoped that
some of his friends would join him, when two friends actually showed up at the shooting club
because they have seen that he was there with the help of Connecto. The two friends that showed
up at the shooting club would never have known their friend’s location if not Connecto have
showed it. The fact that users reported occasions where they did not call their friends because they
saw that they were in some particular situations, are also behaviour (actually non-behaviour)
affected by the system. In the example mentioned with the commuters, the users actually have
made Connecto a part of their daily routine. The arrangement between the commuters made the
waiting commuter’s morning more flexible as he would be aware of when his friend would arrive,
and he could maybe get time to thing he normally not would have done. These examples show that
studies have shown that a user’s knowledge of another user’s location can affect her behaviour.
The results presented from the FindMyFriends study, are also clear on this question; the users
behaved in a different way as a consequence of their knowledge of other user’s position. Over 50
percent of the users tried to find their friends at least once after locating them on a terminal at
Samfundet. Some of their friends could of course be found with the help of a mobile phone, but the
difference when using FindMyFriends is that you get an overview of all your friends at a single
instance. This means that the user can choose which friends to visit after they are localised, and not
in advance as she would have to do if she had to call them. The results show also that over 10
percent of the users went to Samfundet as a consequence of seeing some of their friends on the map
of FindMyFriends from a computer located outside Samfundet. Seven participants stated that they
postponed a trip to Samfundet and seven people stated that they cancelled a trip to Samfundet at
least once after seeing that none or few of their friends was at Samfundet. These actions, especially
76
cancelling a trip, differ quite radically from the planned actions of the users. There is no way they
would have gotten the same knowledge about the people currently on Samfundet, without calling a
large amount of people, so there is no doubt that these actions are consequences of FindMyFriends
positioning functionality.
Because of its low usage, it is more difficult to spot behaviour that is affected by the system in the
usage of The FriendRadar. As shown in the analysis of the registered data, it only happened two
times that two or more users that were friends with each other were connected to Wireless
Trondheim at the same time, and therefore able to locate each other on the map. On the other hand,
both of these occasions seemed to have a connection as the users was either located at the same
spot, or very close to each other. Figure 6.5 shows the users movements in the second of these two
occasions. The movements seem to have a connection, but it is impossible to say something for sure.
All the users went in the same class, and it is possible they would have been at exactly the same
places without using the system. Very little information to add depth to this research question
appeared in the questionnaire. It showed that five users found their friends on the map and that one
of these users tried, and managed, to find one of the friends that were located. This is of course
behaviour that was a consequence of the positioning functionality. The users that did not try to find
their friends said it was because they either not had the opportunity, the need or the energy to go
and find the friend at the time. The interviewee did not report any behaviour affected by The
FriendRadar, but said that if it became a daily routine he could imagine he would behave different
because of it.
Earlier studies and FindMyFriends show that users indeed act in different ways because of their
knowledge of other position. The actions they made that was different, both the users of Connecto
and the users of FindMyFriends, was mostly spontaneous actions. Both deciding to go to the
shooting club or Samfundet because the system showed that a friend or some friends was there and
postponing or cancelling trips to Samfundet are spontaneous actions that probably not would have
been done if it had not been for the positioning functionality these systems offer.
7.3.2 RQ-2.2
This research question search to discover if users behave in a different way, when they know it is
possible that other users of the system can know their current location. There are two aspects to
look on in this question. The first one is the things a user will avoid to do, because she wants to hide
her actions to the users that possibly could see her location. The second part is the action a user will
do, because she assumes that the users she wants to see her location, will see it and know where she
is. The first part is a disadvantage for the user, and in the second part the user uses the system for
her own advantage. An example of the latter one is when Colbert suggests how a user might act
during a rendezvous if she and her boyfriend both have a location-tracking system (Colbert 2001).
He suggests that if she is early for a rendezvous with her boyfriend, she will probably be more
willing to pop into a shop while waiting, assuming that her boyfriend will know her location when
he arrives. He points out that in this case the rendezvousers are taking higher risks, which can lead
to new problems. An actual example of this kind of action is the user that actively uses Connecto to
show his friends that he is at the shooting club. Examples of actions that is avoided to do are not
reported in any literature. However, (Consolvo, Smith et al. 2005) reports on situations where the
users did not want to disclose their location to their friends. It was for example while doing
innocent actions and they simply did not want to be disturbed, like by their boss after work hours
and by anyone when being out on dates with their significant others. It was also more cynical
hiding of their actions, for example being out on errands and did not want to pick thing up for
others or hiding for their significant other that they were not doing what they was supposed to be
doing. Finally, it was more ‘guilty’ actions like hiding actions that they where not supposed to do
for their significant others (like another love affair). One can also imagine hiding more innocents
actions for their significant others, for example a husband hiding for his wife where he buys her
77
Christmas present. However, this is only situations where the users want to hide their locations, but
it is not reported that they avoided doing it because they thought someone was watching their
location.
The results found in the study of FindMyFriends show a similar pattern. There were only a few
inconsiderable actions that came as a result of that people knew they could be located. On the other
hand, many users reported that they had been hiding the signals from the tag, and as a result had
become impossible to track for their friends. It was therefore assumed that the system did not
hinder people in doing things they did not want other people to know, they just hindered the
system to show they were doing it. Another interesting point from the study of FindMyFriends was
that the users seemed to want to be located. The system did not require anyone to wear the tag that
located them, but nevertheless, most of the users wore their tag ‘always’ or ‘most of the time’ when
visiting Samfundet. This is an example that shows the users used the system to show their friend
where they were located.
From the users registered behaviour in The FriendRadar it is impossible to say that anyone did
behave in a different way than they normally would because they knew they could be located. No
respondents of they questionnaire said they have done something they normally would not do.
None of them had tried to hide their action either. This is of course a natural consequence of that the
users very rarely could be located by other users, simply because they rarely were connected to
Wireless Trondheim. It was a much bigger effort to actually connect to Wireless Trondheim than not
doing it, and therefore the users only connected to it when they needed to. In the questions that deal
with security mechanisms however, the respondents mention that there are situations where they
possibly would want to hide their locations, both for security and convenient purposes. Examples
are embarrassment for showing their location to others, that they do not want to meet a specific
person at a specific time and that they can not be sure that there are not fake profiles in the system.
The little indications that exists to answer this research question, indicates that users do act in
different ways to take advantage of the fact that they know other users can see their location by
showing their friends what they are doing, but they do not avoid to do actions they do not want
others to do because of the system. If they would start to have to avoid doing things it is probable
that the users would not be using the system. A system’s privacy mechanisms are there to help the
users doing all the things they normally would do, without being afraid that others can see things
that they should not be seeing. Privacy mechanisms will be discussed more under RQ-4.
7.4
RQ-3:
RQ-3
Do the users of social interaction systems that share context sensitive information like
location feel they are loosing their own personal privacy?
Since this research question treats the feeling of the users of a system, The FriendRadar’s logged
data will not give any information about this research question, except one: All the users allowed all
their friends to see them on the map. This could be an indication on that none of the users worried
too much about their privacy. On the other hand, there were many friend requests that were not
accepted. A reason for this may be that the system was not used so much, but it can also be a
deliberate action by some users to rather not accept a friend request altogether, than accepting a
friend and just allowing the friend to see her proximate location. This assumption is supported by
(Consolvo, Smith et al. 2005), as their survey shows that the users either disclosed the location
information in the detail that was most useful for the requestor, or did not disclose the location at
all. In the case of The FriendRadar the ‘nearby’ setting could never be the most useful for the
requestor, since a friend that has a ‘map’ setting can see both if the friend is nearby and her exact
location on the map. It is no way to know if these unaccepted friend requests are just unseen friend
requests, or if the friend requests are deliberately not accepted by the users. The two users that
78
commented this answer in the questionnaire both said that they did not have a problem with that
other users could see their location, which is an indication towards the conclusion that the friend
request was not accepted because they was not seen. The interviewee however said since this
system was made for locate each other it would be strange not to show his friends on the map, and
he would rather not accept them as friend if he did not want them to locate him. Unfortunately,
there was no question in the questionnaire that specifically asked if the users deliberately chose to
not accept friend request because they did not want that user to see their location in the city. There
was however a question that asked if the users would allow the same friends to see them on the
map if the system could locate them anywhere, and not only downtown Trondheim. In this case
half of the 14 users would allow the same friends to see them on the map and the other half would
allow fewer friends to see them on the map. It is however unclear if they only would choose the
‘nearby’ setting on the friendship or if they would not accept them as friends at all. Figure 6.28
show that only one male respondent would accept fewer friends to see them on the map, while as
much as six female respondents would do the same. This is a strong indication that male users, or at
least the males among the test users, are less worried about privacy threats than the female users.
The same figure shows that most of the respondents that would prefer a Facebook similar system
with positioning would have allowed the same friends, while most of respondents that would
prefer a system more similar to MSN Messenger would allow fewer friends to see their location on
the map. This could be explained by the fact that the interviewee said that he had fewer, but closer
friends on MSN than in Facebook, which very well can be a general trend. The differences between
the two systems are however so clear that it should not go unnoticed.
The questionnaire and the interview had several questions that were meant to give indications to
the answer of this research question. None of the respondents of the questionnaire said that they
ever felt that The FriendRadar’s positioning system disturbed their personal life during the test
period. As mentioned before, the system was used too little to be able to get a good answer to this
question, since it natural that nobody felt that their privacy was threatened when they knew
nobody used the system. Another factor is that users generally were rarely connected to Wireless
Trondheim, which was the only way they could share their location with others. One user did
however say that he was worried that some of the system administrators would use the location
information or other information about him to something he did not know about. This privacy
threat does not come from the other users, but has more in resemblance with the threat that is
associated with Big Brother from Orwell’s novel. In the introduction lecture at the start of the
project it was stressed that the user information was split from the device, and that the persons that
studied the data would not couple location information and message content to personal
information. On the other hand, it is easy to understand that this concern arises. The authors of the
‘science fiction’ article presented in Section 3.4, actually mentions user centricity as the main reason
of the ‘new’ systems popularity (Bellavista, Küpper et al. 2008). They further explain (imagine) that
it was not until the users started managing their location data themselves, and sharing it directly
between the users without a central server that the users started to trust the systems. Since this was
the only report of a user that was unsure about the sharing of personal information, it can indicate
that it is a problem that the users do think about. However, only one of 14 users saw this as a
problem, even though the users knew that their location data was going to be analysed and used in
this master thesis.
Further, The FriendRadar had reciprocity in location-sharing implemented, which means that a
user had to be connected to Wireless Trondheim to see others location. Five users claimed that they
would use The FriendRadar more if this security mechanism was not implemented, and nobody
said that they would use the system less. This can again be explained by the problems Wireless
Trondheim caused the users, but it indicates that the users do not care as much about privacy as
they do about user friendliness. Figure 6.22 shows that it is in general the male users that would use
The FriendRadar more and the female users would that would use it equally much, and that it is the
users that have used the iPod the most that would use the system more if they did not have to be
79
connected to Wireless Trondheim. The males used their iPod slightly more than the females, but
the difference was small. Therefore it seems like it is two different trends; the male users and the
heavy iPod users are the users that either are less careful with privacy, or is more demanding when
it comes to user friendliness. This shows again that the male users are less concerned about privacy,
as the case was with their imagined privacy settings in their friendship if the system would locate
them anywhere. When the users was asked if they would use The FriendRadar more or less if they
would be located anywhere, as much as six users said they would use it more, and only one said he
would use it less. Again the dominant gender among the users that would use it more was male.
The one user that would use it less however, was also male. It is still the females that would not be
affected by this change in the system. It is showed earlier that the females was the ones that used
The FriendRadar the most during the test period, and this could be a possible solution in why they
would not use it more, but the trend is still clear; the male users shows less concern about privacy.
An interesting point shown in Figure 6.25 is that many users have changed from more to the same
and opposite between the two questions. This is probably a good sign, because it can indicate that
the users has read and understood the difference in the two questions. One user in fact changed
from more to less. The substantiated answers to this question show that the user that would use it
less, explained this with that one needs a private life. The users that said that they would use it
more showed no signs of concerns toward the fact they could be located everywhere, but only saw
the new possibilities with this ‘improvement’. The two comments from the users that would use it
equally much shows slight signs of concerns as they said it would be scary that it could not be
controlled and that probably fewer friends would be accepted if the system could locate them
everywhere. The interviewee also pointed out that he would have accepted quite few friends; only
the one he could have been with on his spare time, if the system could locate him anywhere.
Another indication towards that the users of The FriendRadar are not too concerned about
privacy, is their comments about the Facebook privacy. Six participants said that they felt the
privacy was not good enough, but as one commented: “I think than one is vulnerable, but I don’t care,
it’s not important”. This can be an indication of even though the users know they are vulnerable,
they keep using Facebook because the usefulness is greater than the concerns. This is the same as
the case was with Connecto, also mentioned under the discussion of RQ-1. The positive aspects of
the system outweighed the user’s privacy concerns, and the users did not worry about privacy at
all. This is further confirmed by (Barkhuus 2004), which suggests that the ‘coolness’ and usefulness
of a system can undermine the users’ focus on privacy concerns. The Flickr and ZoneTag study,
shows that users are more worried about damaging others privacy than their own (Ahern, Eckles et
al. 2007). Users was also careful when it came to hurting their own identity, like being seen on a gay
parade, but in general the users was not concerned with the pictures revealing their location data as
they said they would not publish them if they were at places they did not want others to see. One
issue that appeared during their study was the problem with users wanting to show some users
where they was, but at the same time not show some other people where they are if they for
instance not are invited. This problem shows that often is the identity of the enquirer more
important that the situation you are in when deciding if you want to share your location
information. This is further confirmed by other studies presented in Section 3.4 (Lederer, Mankoff et
al. 2003) (Consolvo, Smith et al. 2005).
Results from the preliminary study of FindMyFriends indicated that privacy was not a big issue
in FindMyFriends, but that a city wide system would cause bigger privacy concerns among the
users. It seemed like the users was aware of the possibility to block their tag’s signal and therefore
disturbed the system in such a way that they could not be located instead of letting the system
disturb their own personal privacy. This can be compared with the problems of Wireless
Trondheim. Privacy was not an issue because the users could easily avoid connecting to Wireless
Trondheim.
NRK’s article that describes that The Women Shelter have been contacted by women that feels
their men are using location-tracking systems for surveillance purposes, shows that there surely are
80
people using such systems that gets a feeling of loosing their privacy. A mentioned by The Data
Inspectorate, this is the case for a very low portion of the systems users (NRK 2007) . However, this
is a serious problem, as it can be a matter of life and death instead of getting embarrassed if doing
something you do not want others to see.
7.5
RQ-4:
RQ-4
How can privacy mechanisms be used to help the users of context sensitive systems for social
interaction not to loose their personal privacy?
As mentioned several times, what determines if a user wants to use a system that shares the user’s
location with other is a tradeoff between the usefulness of the system and the system’s threat to the
users’ personal privacy. But is it not only as simple as that. Most authors of this subject agree that
feedback and control is the two most important things to consider to keep the personal privacy of
the users and to make a system with sufficient usability. The user needs feedback about what
information other users possibly can see about her, and the user need to be able to control what is
being conveyed to which users. Both are achieved by the use of privacy mechanisms. If a locationbased system is implemented with the right amount of privacy mechanisms it can be both useful
and privacy preserving. This section will discuss which privacy mechanisms that are needed and
which that are not, to achieve this.
The FriendRadar had some privacy mechanisms implemented. These were implemented because
the preliminary study with FindMyFriends’ users concluded that these where of great importance
for a system like The FriendRadar to be successful. As showed by the usage of the system, The
FriendRadar was not a great success among the users. Both the interviewee and the respondents of
the questionnaire showed great enthusiasm about the concept of the system, but did not follow this
up by using it. As discussed in Section 7.2 where it was discussed if people are interesting in using
such a system, the main reason for the low usage of the system is probably the difficulties with
Wireless Trondheim. In fact, these difficulties offered the system a privacy mechanism
automatically. It was very easy for the users of the system to give problems with Wireless
Trondheim as a reason that they was not available for being positioned by their friends, in other
words, it offered the users plausible deniability. They could plausible deny being localised by their
friends without any questions. The fact that they had to connect to Wireless Trondheim to be
localised, would offer plausible deniability even if users had not had any problems connecting (and
keep being connected) with Wireless Trondheim. First, Wireless Trondheim only covers a limited
area, and a user could just say she was outside of the coverage area. Second, if a user entered the
coverage area, she would still have to manually connect to the network and could say that she just
forgot to connect to the network, and easily get away with that explanation.
One of the privacy mechanisms that were implemented in The FriendRadar was reciprocity in
location information, which in practice is that a user only is able to locate her friends when the
friends can locate her. This was suggested as one of the main factors behind a successful city scale
location-tracking system in the preliminary study about FindMyFriends, even though it was not
implemented in FindMyFriends. Most of the relevant literature also underlines this as an important
privacy tool for location-tracking systems, among other by the principle of minimum asymmetry (Jiang,
Hong et al. 2002). This, among with plausible deniability, is mentioned as the most important factor
when it comes to protection from legitimate users in the ‘new’ systems of 2012 in the back to the
future article (Bellavista, Küpper et al. 2008). This protection from legitimate users is imagined by
the authors as an important feature that helped the LBSs to gain popularity. In the questionnaire
about The FriendRadar it was asked if users would use the system more or less if reciprocity in
location sharing was not implemented. As the results presented in Figure 6.21 shows, five users said
they would use it more and the rest said they would use it about the same. In other words, no users
would use it less. This indicates that the users instead of seeing this feature of the system as a
81
privacy protecting mechanism, they see it as a functionality that makes the system less useful.
Again, this could be explained with the problems of Wireless Trondheim. FindMyFriends was
implemented in such a way that the users could locate their friends without being at Samfundet
while doing it, and therefore not possible to locate by other users. It seems that this implementation
could be beneficial for a system in a closed environment as both FindMyFriends (Samfundet) and
The FriendRadar (Wireless Trondheim) is. As many users said, they were rarely inside the coverage
area of Wireless Trondheim and therefore did not have the possibility to use the system. If one
could check which friends that is currently downtown while being at home, it could probably be
more useful for the users. This was also reported happening several times in FindMyFriends; users
checked if some of their friends currently were at Samfundet, and as a consequence both decided to
go to Samfundet and change their plans and not go. One can imagine that this usage pattern could
happen in The FriendRadar as well if it had been possible. It would be interesting to see however, if
the users actually would have the patience to put in the effort it is to connect to Wireless Trondheim
if they did not have to for be able to locate others. It is actually a possibility they would, because as
seen both in FindMyFriends and other surveys presented earlier it seems that users often want to be
localised because they are using the system to tell others of their location. It could be assumed
however that there is only systems that only can locate users in a closed environment that would
benefit from not have reciprocity in location sharing. There was one of the respondents of the
questionnaire however, that said that she thought it was great that one could not see the location of
others when your own location is deactivated. She was not among the participants that received the
iPod, and did therefore not test the system. The other security mechanism that was specifically
implemented to The FriendRadar was the possibility to choose between three granularities of
location sharing in a friendship, which is closely related to reciprocity in location sharing. This is
because the lowest granularity chosen by a part in the friendship becomes the granularity of the
friendship. In this way, ifuser A of the friendship chooses that she can be viewed on the map by
user B , but user B only wants that user A can see if she is nearby or not, both users can only see if
the other user is nearby or not. In this way they achieve location reciprocity. As mentioned earlier,
all users allowed all their friends to be seen on the map. Figure 6.27 however, shows that if The
FriendRadar could locate the users anywhere, half of the users said they would allow fewer friends
to see them on the map. This could backup the assumption that reciprocity in location information
is more important in a system where the users could be located anywhere in the world This also
corresponds to the intuitive principle people normally live by; if I can not see you, then you can not
see me.
The privacy mechanism that was considered the most important from the preliminary study for
a system like The FriendRadar was the possibility to turn the system off, and preferably in a way
that offers the users plausible deniability. As mentioned above, this mechanism was automatically
achieved both by the limited area Wireless Trondheim covers, the troubles with Wireless
Trondheim and the fact that a user has to manually connect to Wireless Trondheim before someone
can localise her. A very large portion of the users of FindMyFriends said that this would be a
necessity if they were going to use a system that covers an entire city or more. The users of The
FriendRadar were not immediately worried about this ability to turn the system off, as Figure 6.24
shown. Six users would have used the system more if one could be localised independent on
network, and only one would use it less. None of the textual answers that backups these answers
say anything about the possibility to turn the system off, but some user shows privacy concerns.
From the answers of this question alone, it seems that the users actually are willing to use a system
that locates them everywhere, without thinking of privacy mechanisms. But when asked specifically
if they would use a turn-off functionality in a system where they could be located anywhere,
thirteen respondents said they would and only one respondent said she would not. To substantiate
this, the users wrote that they would use it to hide and that there are situations where one wants to
be left alone. A couple of users did also mention in other questions that they though it was great
that one could turn off the system as it was implemented today, and they would probably think this
82
is even more important in a larger scale system. The answers of the two final questions of the
questionnaire were also pretty clear. These results are shown in Figure 6.31, which shows that only
two users said that they definitely would use a future system that located the users anywhere if it
was not possible to disable the positioning functionality. Nine users were unsure and five would not
use it. When the same question was asked about a system where you could disable the positioning
functionality, as many as eleven users said that they would use the system, with five users that were
unsure. Figure 6.32 shows that two users did change from ‘No’ to yes and seven changed form
‘Maybe’ to ‘Yes’ when it became possible to disable the positioning functionality. These results are
pretty clear, and they clearly indicates that a possibility to turn off the positioning if you do not
want to be located is a feature the users expects form a location-tracking system, and that a system
without it would have more difficulties to become a user success than a system that have this
feature.
A privacy mechanism that was not implemented in neither The FriendRadar or in
FindMyFriends was the possibility to say that you are at a different place than you in reality are, to
lie about your location. If implemented the right way, this could another mechanism that helps the
users to plausible deny disclosure of their location. The users of FindMyFriends did not see the
purpose of this functionality except for a couple of user that said they would use it for fun. Many
users in fact pointed out that this opportunity would ruin the whole concept of the system and that
the system could no longer be trusted. About the same results did appear when this question was
asked to the users of The FriendRadar, only two users said they would have used it in The
FriendRadar and the one user that commented this answer said that it would be fun to fool
someone. Six users did not know and six did not want to lie about their location. One of the ‘No’
respondents said that if one could lie, the purpose of The FriendRadar would disappear. Others
said that they rather would log off the network than lie about their location. Also these results
change dramatically when the users are asked if they would use a ‘lie’ functionality in a system
where you could be located anywhere. In this case eleven users said that they thought they would
use a ‘lie’ functionality, and only three said they would not. The textual answers shows for the first
time someone that thought they would use it as a privacy mechanism, where one commented that it
would be used for safety and one commented that it would use to hide embarrassment of their
location. The results alone can indicate that such functionality would be necessary. A mistake was
made however when designing this question for the questionnaire, as the ‘Don’t know’ alternative
disappeared. It is difficult to judge how many users that would answered ‘Don’t know’ to this
question, but the relative few comments indicates that it could be quite a few. As the testing of
Connecto (Barkhuus, Brown et al. 2008) where the users had the possibility to suppress the
automatically positioning and write in any location they wanted, this functionality was not used for
privacy reasons, but used for giving the other users a better idea of what their actual location was.
This again shows, as mentioned before, that the users either conveyed the location that they thought
would give the other users most information, or they did not convey their location at all. This is
confirmed by the comments from the respondents of the questionnaire and by the interviewee that
said they would rather just log of the system, instead of lying about their location. Therefore, it is
doubtful that a lie functionality would be of great importance for the users. It can in fact, as some
users pointed out, damage the users trust in the accuracy of the system.
At last, there was some considered privacy mechanisms that was not implemented in The
FriendRadar. The most important ones are the possibility to group friends and getting notice by the
system when other localises you. The grouping of friends was not implemented because all of the
users in this system were considered to be in the same group. The three groups that probably is
mentioned the most in the literature about this subject is friends, family and work. Many studies
has shown that the identity if the enquirer of location are of more importance than the user’s
current location (Lederer, Mankoff et al. 2003; Consolvo, Smith et al. 2005). Grouping of friend offer
the users more control with less effort in configuring privacy settings, as all the members of each
group has the same privacy settings. From this study it is difficult to say if it would benefit a
83
location-tracking system or not, but the interviewee said that he would not use it as a privacy
mechanism, but as a mechanism to get better overview of his friends. Some respondents of the
questionnaire about The FriendRadar, the interviewee and the interviewees from FindMyFriends
said that they would have fewer friends in a system that could locate them in a larger area. This can
indicate that it could be enough to have individual privacy settings, since the effort to configure the
privacy settings individually decrease if they have few friends. To get a notification each time one
get localised by others was not implemented mainly because the system was designed such as all
the friends of a user was shown at the map each time the user shows the map. This could lead to
many irrelevant location notifications for the users, as they might not be the target of the user that
localises them. On the other hand, it gives the users better feedback over what other actually do see
about them. A solution that might have worked was if the users only could localise one and one of
her friends on the map, and each time the user opens a new friend’s map, the friend get a notice
about it. This would increase the feedback to the friends, but it would decrease the usability of the
system. The interviewee felt that this could be a useful feature about a future system even if it used
a single map which showed all the friends at once. It remains an open question however, if giving
notice to users when they are localised is beneficial for a location-tracking system.
As mentioned in the start of this section, if a location-based system is implemented with the right
amount of privacy mechanisms, the system can be both useful and privacy preserving. What the
‘right’ amount is, is difficult to tell. This study however has shown that to the possibility to turn off
the system, or at least the position functionality, is of utterly importance if a location-tracking
system would be used. It would beneficial if the system could be turned off in such a way that it
offers the users plausible deniability. Further, such a system should have individual privacy
settings for each friend, as this would be more precise and since users of location-tracking system
probably would have few friends. Finally, a system that only can locate users within a limited
physical area, would probably actually benefit from not implementing reciprocity of location
sharing. This could lead to a system with a higher usefulness for the users, as they can check if any
of their friends are within that limited area, even if they are not inside that area themselves. The
increased possibility of plausible deniability that the fact that one can only be localised some places
give, seems to weigh up for the lost privacy this decreased reciprocity in location sharing gives. If
the system can locate users worldwide however, reciprocity of location sharing seems extremely
important. Since it is already said that the positioning functionality should be able to turn off, this
reciprocity will mean that a user will only be able to locate others when her own positioning
functionality is turned on. It seems that both kinds of systems however, will benefit from having
reciprocity in location sharing in each individual friendship, which means that the strictest privacy
options chosen by the two parts in a friendship counts for both parts of the friendship. This study
suggests that a system with these privacy mechanisms implemented with have the right amount of
privacy mechanisms, and therefore be both privacy preserving and useful for the users. If more
privacy mechanisms was implemented it would decrease the usefulness of the system, by either
making the use of the system too cumbersome or by decreasing the users trust in the accuracy of the
system.
7.6
Threats to validity
Some threats to the validity of the results from the logged data and the questionnaire exist. These
will shortly be discussed in this section.
First, too few users participated both in the experiment and in the questionnaire to make it
possible to generalise the results from this study. At least 30 test users would be a minimum size to
do assumptions that counts for the whole population (Oates 2006). Thus, all the conclusions
presented in this master’s thesis are based on indications and not statistically proved results.
Further, the fact that some users received the iPod three days later than the rest of the users and
therefore registered to the system a little late can threaten the realism of the results.
84
Next, some issues of the questionnaire can be considered threats to the validity of the results.
First, question 15 that asked if the users had participated in the experiment and received an iPod
was double barrelled as it asked two questions at once. It seems however like the users understand
this question as a question about if they received an iPod. Second, question 29 and 30 that asked
question about if the users had located themselves on the map, was clearly misunderstood. These
results however are not considered in the discussion and have no effect on the conclusions. Third,
the second lie question, question 55, did not have a ‘Don’t know’ alternative like the first lie
question. On the other hand, this question had a comment field that made this mistake less serious.
Finally, a question was not asked in the questionnaire that should have been asked. The users
should have been asked why they did not accept all their friend requests, because it would be
interesting to know if they were not accepted on purpose or if they were just unseen requests.
Finally, the problems with Wireless Trondheim have probably affected the results, but this issue
are dealt with through both the results and the discussion of this master’s thesis.
85
86
8
Conclusions and further work
This chapter will first present the conclusions of the findings discussed in the previous chapter
followed by the further work.
8.1
Conclusions
This master’s thesis has investigated four research questions by the use of a prototype locationtracking system developed for this thesis called The FriendRadar. This system was tested on
specifically selected test subjects which was equipped with mobile devices. The test subject’s usage
of the system was analysed using data logged by the system and followed up with a questionnaire
sent to all the test persons and an interview of one of the test persons.
The users had to be connected to Wireless Trondheim to be able to be located with The
FriendRadar. This study has shown that Wireless Trondheim is not suited for this kind of usage,
mainly because the connection is lost when moving around with the device. There was also several
other problems with Wireless Trondheim like bad coverage, low speed and the fact that users had
difficulties to connect to the network in the first place. The choice of Apple’s iPod Touch as the
mobile device and gymnasium pupils as test persons seems to be right however. The iPod was used
a lot by the test persons and it was user friendly for the users. The users also were satisfied with its
coolness.
To answer the first research question of this master’s thesis it was investigated if people are
interested in using a system for locating and interacting with their friend and family using mobile
devices connected to a wireless network. This was done by looking at the logged usage of The
FriendRadar, together with the answers of the questionnaire and from the interview. The results
from these studies showed that The FriendRadar was not used much by the test users. This is
probably due to two factors that both amplify each other; the difficulties with Wireless Trondheim
and the initial low user mass. The users expressed however great enthusiasm about the concept of
being able to locate their friends and almost all users said they would use a similar system if all the
shortcomings of the system and the positioning were fixed. It also seems that users are willing to
use a location-tracking system if it would locate users worldwide. Further results indicate that the
users naturally assume that they have to share their location to be able to see other’s location in a
worldwide system, and that they are willing to do so to achieve this. It seems like whether a user
will use a location-tracking system or not is a tradeoff between the usefulness of the system and the
user’s privacy concerns. If the privacy mechanisms is balanced correctly, it seems that locationtracking systems have great potential to achieve a large user mass. It also seems that female users
are more interested in using such systems than male users. Finally, it seems that a future system
would benefit from being a simple instant messaging system, instead of a more complex social
network system. This system should share both messages and location synchronously and directly
between users.
Further, it was investigated if users of a system that reveals the users’ location to others behave
in a different way than they would have without using the system. This was done by using the
answers from the questionnaire and the interview, together with results from the preliminary study
about FindMyFriends and earlier research by other authors. The answers from the users of The
FriendRadar indicate that the users of the system in general did not act in different ways because
they could see others location. The study of FindMyFriends however had several examples of users
that did actions that they would not have done without knowing their friends location. The same is
shown by other surveys. Their actions which was different was mostly spontaneous actions, that
appeared from their knowledge of their friends locations. The users of The FriendRadar did not act
in a different way as a consequence of that they knew that others could see their location either, but
they imagine they would do if the system was worldwide. The results from FindMyFriends also
shows that in general, that the system did not hinder the users to do things they did not want other
87
people to know, but instead the users hindered the system to show they were doing it. Other
studies show that users in fact do act in different ways to use the location-tracking system for their
own advantage. They actively use the system to show others where they are or what they are doing,
because the want others to find them.
Next, it was investigated if users that share location information feel that they are loosing their
own personal privacy. Results from the interview and the questionnaire were used to investigate
this. The results indicate that the users of The FriendRadar were not concerned about privacy at all
while using the system, but as explained, it was not used much. The users did not seem to be overly
concerned about future systems that could locate them anywhere either, but some users showed
slight concerns about it. Most of the users seemed to be more excited about the new possibilities
this would give instead. When specifically asked however, most of the users showed that they
would want to use privacy mechanisms as turning off the system if they could be located anywhere,
which indicate some concerns. The male users seemed to be less worried about their personal
privacy in location tracking systems, than the females.
Finally, it was investigated how privacy mechanisms could help the users of location-tracking
systems not to loose their personal privacy. This was done both by studying existing literature, and
by asking the respondents of the questionnaire and the interviewee directly about these
mechanisms. The study shows that privacy mechanisms are essential for users to want to use
location-tracking systems, but they have to be balanced in such a way that they do not remove the
possibilities such systems offers. If the right amount of privacy mechanisms are implemented to a
location-tracking system, the system can both be privacy preserving and useful for the users. This
study suggests that the right privacy mechanisms are the possibility to turn the positioning
functionality off, and do this either towards all users or towards individual users. Further, if the
location-system is worldwide, reciprocity in location sharing is essential, but if the system only
locates users inside a limited area not larger than a city, this reciprocity only hampers the users’
experience of the system. If further privacy mechanisms are added, it seems that the system no
longer is useful enough for the users, and therefore will not be used.
8.2
Further work
This master’s thesis has looked at several aspects of a location-tracking system meant for users to
locate their friends. It is concluded that this concept is of great interest for the users, but that
sufficient privacy mechanisms must be implemented. It has also shown that The FriendRadar was
not used very much, among others as a consequence of the problems with Wireless Trondheim.
Therefore, a study of a similar system that is based on another location technology and that had
more users, would be necessary to be able to confirm the results found in this master’s thesis. Even
if it is outside the scope of this master’s thesis, a combination of GSM and GPS positioning would
seem a reasonable choice that makes it possible to locate each other almost anywhere in the world.
The suggestions from this master’s thesis could be used in the development of the system. If these
are followed the system will be an instant messaging system where the users’ location and
messages are shared synchronously and directly between the users without any central server. It
should be possible to turn off the positioning functionality, but if a user has turned it off, she will
not be able to see the location of her friends either. Finally, the system’s users should be able to turn
the positioning off towards some users, and keep it on towards others.
88
Bibliography
Ahern, S., D. Eckles, N. S. Good, S. King, M. Naaman and R. Nair (2007). Over-exposed?: privacy
patterns and considerations in online and mobile photo sharing. Proceedings of the SIGCHI
conference on Human factors in computing systems. San Jose, California, USA, ACM.
Andresen, S., J. Krogstie and T. Jelle (2007). Lab and Research Activities in Wireless Trondheim
Proceedings of IEEE International Symposium on Wireless Communication Systems.
Trondheim, Norway: 385 - 389.
Barkhuus, L. (2004). Privacy in Location-Based Services, Concern vs. Coolness. Mobile HCI 2004
Workshop on Location Systems Privacy and Control. Glasgow.
Barkhuus, L., B. Brown, M. Bell, S. Sherwood, M. Hall and M. Chalmers (2008). From awareness to
repartee: sharing location within social groups. Proceeding of the twenty-sixth annual
SIGCHI conference on Human factors in computing systems. Florence, Italy, ACM: 497-506.
Barkhuus, L. and A. K. Dey (2003). Location-Based Services for Mobile Telephony: a study of users’
privacy concerns. Proceeding of the INTERACT 2003, 9th IFIP TC13 International
Conference on Human-Computer Interaction: 709 -712.
Bellavista, P., A. Küpper and S. Helal (2008). "Location-Based Services: Back to the Future."
Pervasive Computing, IEEE 7(2): 85-89.
Bellotti, V. and A. Sellen (1993). "Design for privacy in ubiquitous computing environments."
Proceedings of the third conference on European Conference on Computer-Supported
Cooperative Work: 77-92.
Colbert, M. (2001). A diary study of rendezvousing: implications for position-aware computing and
communications for the general public. Proceedings of the 2001 International ACM
SIGGROUP Conference on Supporting Group Work. Boulder, Colorado, USA, ACM.
Consolvo, S., I. E. Smith, T. Matthews, A. LaMarca, J. Tabert and P. Powledge (2005). Location
disclosure to social relations: why, when, & what people want to share. Proceedings of the
SIGCHI conference on Human factors in computing systems. Portland, Oregon, USA, ACM.
Dey, A. K., G. D. Abowd and D. Salber (2001). "A conceptual framework and a toolkit for
supporting the rapid prototyping of context-aware applications." Human-computer
interaction 16(2, 3 & 4): 97.
Grandhi, S. A., Q. Jones and S. Karam (2005). Sharing the big apple: a survey study of people, place
and locatability. CHI '05 extended abstracts on Human factors in computing systems.
Portland, OR, USA, ACM.
ITavisen. (2001). "Finn vennene dine med SMS." Retrieved 13. December, 2007, from
http://www.itavisen.no/showArticle.php?articleId=1296979.
Jiang, X., J. I. Hong and J. A. Landay (2002). "Approximate information flows: Socially-based
modeling of privacy in ubiquitous computing." UbiComp 2002: Ubiquitous Computing : 4th
International Conference, Göteborg, Sweden, September 29 - October 1, 2002. Proceedings:
176.
Jones, Q. and S. Grandhi (2005). "P3 systems: putting the place back into social networks." IEEE
internet computing 9(5): 38.
Junglas, I. A. and R. T. Watson (2008). "Location-based services." Commun. ACM 51(3): 65-69.
Langheinrich, M. (2001). "Privacy by Design - Principles of Privacy-Aware Ubiquitous Systems "
Proceedings of the 3rd international conference on Ubiquitous Computing 273-291
Lederer, S., J. I. Hong, A. K. Dey and J. A. Landay (2004). "Personal privacy through understanding
and action: five pitfalls for designers." Personal and ubiquitous computing 8(6): 440-454.
Lederer, S., J. Mankoff and A. K. Dey (2003). Who wants to know what when? privacy preference
determinants in ubiquitous computing. CHI '03 extended abstracts on Human factors in
computing systems. Ft. Lauderdale, Florida, USA, ACM.
89
mBuddy. (2007). "mBuddy homepage." Retrieved 14. December, 2007, from
http://www.mbuddy.no.
Navizon. (2007). "Navizon - Virtual GPS for mobile devices and laptop computers " Retrieved 16.
December, 2007, from http://www.navizon.com/.
NRK. (2007). "Vil stoppe mobiltjenester." Retrieved 14. December, 2007, from
http://nrk.no/nyheter/kultur/1.4300325.
O'Reilly, T. (2005). "What Is Web 2.0: Design Patterns and Business Models for the Next Generation
of Software." Retrieved 14. December, 2007, from
http://www.oreillynet.com/pub/a/oreilly/tim/news/2005/09/30/what-is-web-20.html.
Oates, B. J. (2006). Researching information systems and computing. London, SAGE.
Orwell, G. (1949). Nineteen Eighty-Four. A novel, Secker & Warburg: London.
Palen, L. (1999). "Social, individual and technological issues for groupware calendar systems."
Proceedings of the SIGCHI conference on Human factors in computing systems: the CHI is
the limit 17-24
Palen, L. and P. Dourish (2003). "Unpacking "privacy" for a networked world." Proceedings of the
SIGCHI conference on Human factors in computing systems: 129-136
Raento, M. and A. Oulasvirta (2005). "Privacy management for social awareness applications." The
Workshop on Context Awareness for Proactive Systems (CAPS 2005): 105-114.
Robson, C. (2002). Real world research: a resource for social scientists and practitioner - researchers.
Oxford, Blackwell.
Weber, W., J. M. Rabaey and E. Aarts (2005). Ambient Intelligence. Berlin, Heidelberg, SpringerVerlag Berlin Heidelberg.
Weiser, M. (1993). "Hot topics-ubiquitous computing." Computer 26(10): 71-72.
90
Appendix A – The questionnaire
Questionnaire
Nr
Condition
Question
Alternatives
1. General questions
1.
Gender:
2.
Do you have a profile on Facebook?
3.
4.
Q2 – Yes
Q2 – Yes
Why do you have a profile on Facebook?
How many friends do you have on Facebook?
5.
Q2 – Yes
How often do you log in on Facebook?
6.
Q2 – Yes
7.
Q6 - Yes
8.
Q6 - No
9.
10.
Q2 – Yes
Q2 – Yes
11.
12.
Q2 – No
Do you feel that Facebook is an important part of
your life?
In which way are Facebook an important part of
your life?
Why are Facebook not an important part of your
life?
What do you use Facebook for?
What do you think of your personal privacy in
Facebook?
Why do you not have a profile on Facebook?
How many other similar services are you
registered to in addition to Facebook?
13.
Which mobile devices do you own?
14.
Have you participated in the testing of the
A-1
-Male
-Female
-Yes
-No
Text
-0-19
-20-49
-50-99
-10-199
-200-300
-More than 300
-Several times per day
-About one time per day
-Several time per week
-About one time per week
-About every other week
-About one time per month
-Less frequent
-Yes
-No
Text
Text
Text
Text
Text
-0
-1
-2-3
-4-5
-More than 5
(Choose one or many)
-Mobile phone
-Laptop
-PDA
-Mp3-player (iPod etc)
-Other
-None
-Yes
systems and received an iPod?
How much have you used the iPod you received?
15.
Q14 - Yes
16.
Q14 – Yes
How much have you used the iPod at the
following places? 1 means that you have used it
very little, and 5 mean that you have used it a lot.
17.
Q14 – Yes
How much have you used the iPod to do the
following activities? 1 means that you have used
it very little, and 5 mean that you have used it a
lot.
18.
Q14 – Yes
How difficult do you think it was to perform the
following tasks? 1 means very easy and 5 means
very difficult
19.
Q14 –Yes
How many times have you tried to connect to
Wireless Trondheim with the iPod?
20.
Q14 –Yes
How many times have you managed to connect
to Wireless Trondheim with the iPod?
21.
Do you feel that the coverage of Wireless
Trondheim was good enough to use in practice?
-No
-I have not used it
-I have used it once
-I have used it a couple of
times
-I have used it fairly much
-I have used it a lot
(Range, 1 to 5)
-At home
-At school
-Other places
(Range, 1 to 5)
-Listen to music
-Watch saved video
-Surf the web
-Be at YouTube
-Use The FriendRadar
-Use @school
-Other things
(Range, 1 to 5)
-Connect to wireless internet
-Surf the Web
-Upload music
-0
-1
-2-3
-4-5
-6-10
-11-20
-More that 20 times
-0
-1
-2-3
-4-5
-6-10
-11-20
-More that 20 times
-Yes
-No
-Don’t know
2. Questions about The FriendRadar
22.
Q14-Yes
How many times have you logged in to The
FriendRadar from the iPod during the test
period?
23.
Q14-Yes
How many times have you logged to The
FriendRadar from a regular computer during the
test period?
A-2
-0
-1
-2-3
-4-5
-6-10
-More than 10 times
-0
-1
-2-3
24.
Q14-Yes
Would you have used the system more or less if
you could have seen your friend’s location even if
you were not connected to Wireless Trondheim
yourself?
How many friends did you have at The
FriendRadar?
25.
Q14-Yes
26.
Q14-Yes
27.
Q26 – Yes
28.
Q26 – No
29.
Q14-Yes
30.
Q14-Yes
How many times have you found yourself on the
map in The FriendRadar?
31.
Q14-Yes
32.
Q31-Yes
Have you ever found any of your friends on the
map in The FriendRadar?
How many times have you found some of your
friends on the map in The FriendRadar?
33.
Q31-Yes
Have you logged in to The FriendRadar with the
intention to check where your friends were
located?
How many times have you logged in to The
FriendRadar with the intention to check where
your friends were located?
Why haven’t you logged in to The FriendRadar
with the intention to check where your friends
were located?
How many times have you tried to find yourself
on the map in The FriendRadar?
Have you ever tried to look up (physically) any of
the friends that you have found on The
FriendRadar?
A-3
-4-5
-6-10
-More than 10 times
-More
-Less
-About the same
-0
-1-3
-4-6
-7-10
-11-15
-More than 15 friends
-Yes
-No
-1 time
-2 times
-3 times
-4 times
-5 times
-6 times or more
Text
-No times
-1 time
-2 times
-3 times
-4 times
-5 times
-6 times or more
-No times
-1 time
-2 times
-3 times
-4 times
-5 times
-6 times or more
-Yes
-No
-1 time
-2 times
-3 times
-4 times
-5 times
-6 times or more
-Yes
-No
34.
Q33-Yes
How many times have you tried to look up
(physically) any of the friends that you have
found on The FriendRadar?
35.
Q33-Yes
36.
Q35-Yes
Have you ever found (physically) some of the
friend you tried to look up?
How many times have you found (physically)
some of the friends you have tried to look up?
37.
38.
39.
40.
Q35-No
Q33-No
Q31-No
Q14-Yes
41.
Q14-Yes
42.
43.
Q41-Yes
Q14-Yes
44.
Q14-Yes
45.
Q14-Yes
If the system had the possibility to 'lie' on your
location, would you have used this functionality?
46.
Q14-Yes
Was it some friends that you did not allow to see
you on the map?
47.
Q14-Yes
48.
49.
Q47-Yes
Q14-Yes
Were you ever afraid of that the system
administrator or others would use your location
or other information about you that was saved in
The FriendRadar to something you did not know
about?
What were you afraid they would use it for?
Have you ever sent a message through The
FriendRadar?
Would you use a similar system as The
50.
Why haven’t you found them?
Why haven’t you tried to find them?
Why haven’t you found them on the map?
Do you feel that the iPod combined with The
FriendRadar's positioning-functionality has
disturbed your own private life?
Have you ever behaved in different way when
you have used the iPod in Wireless Trondheim
than you would have done without the iPod,
because you knew that all your friends could see
where in the city you where located?
What have you done that is different?
How many times have you deliberately avoided
connecting the iPod to Wireless Trondheim
because you did not want other to be able to
locate you downtown with The FriendRadar?
How many times have you left the iPod on a
place where you were not, because you did not
want it to show your real location?
A-4
-1 time
-2 times
-3 times
-4 times
-5 times
-6 times or more
-Yes
-No
-1 time
-2 times
-3 times
-4 times
-5 times
-6 times or more
Text
Text
Text
-Yes
-No
-Yes
-No
Text
-More than 5 times
-2-4 times
-1 time
-No times
-More than 5 times
-2-4 times
-1 time
-No times
-Yes
-No
-Don’t know
[Comment field]
-Yes
-No
[Comment field]
-Yes
-No
Text
-Yes
-No
-Yes
51.
52.
FriendRadar if it was put on the market, and all
the shortcomings of the system and the
positioning was fixed?
What do you think about the concept behind The
FriendRadar, namely is the possibility to locate
your friends?
If you have other comments concerning the usage
or the functionality of The FriendRadar you can
write it here.
Would you use The FriendRadar more or less if
you could be located everywhere independent on
which network you was connected to?
53.
Q14-Yes
54.
Q14-Yes
If you had been located anywhere, would you
allow the same friends to see you at the map as
you did in The FriendRadar?
55.
Q14-Yes
56.
Q14-Yes
If you had been located anywhere, do you think
that you would have used a 'lie' functionality as
mentioned earlier?
If you had been located anywhere and it had been
possible to turn the system off, would you have
used this turn-off functionality?
If you imagine that you could choose between a
system that are very similar to MSN and where
you could be located anywhere, and a system that
is very similar to Facebook and where you could
be located anywhere, which system would you
choose?
Would you have used one of the systems
mentioned above if it was not possible to turn off
the positioning-functionality?
Would you have used one of the systems
mentioned above if it was possible to turn off the
positioning-functionality?
57.
58.
59.
A-5
-No
Text
Text
-More
-Less
-The same
[Comment field]
-Yes
-No, I would have allowed
fewer to see me on the map
-No, I would have allowed
more to see me on the map
-Yes
-No
[Comment field]
-Yes
-No
[Comment field]
-The MSN system
-The Facebook system
[Comment field]
-Yes
-No
-Maybe
-Yes
-No
-Maybe
Results from questionnaire
1. Gender
Valid
Female
Frequency
9
Percent
56,3
Valid Percent
56,3
Cumulative
Percent
56,3
100,0
Male
7
43,8
43,8
Total
16
100,0
100,0
2. Do you have a profile on Facebook?
Valid
Frequency
16
Y
Percent
100,0
Valid Percent
100,0
Cumulative
Percent
100,0
4. How many friends do you have on Facebook?
Valid
Cumulative
Percent
Frequency
1
Percent
6,3
Valid Percent
6,3
50-99
2
12,5
12,5
18,8
100-199
4
25,0
25,0
43,8
200-300
6
37,5
37,5
81,3
100,0
0-19
300+
3
18,8
18,8
Total
16
100,0
100,0
6,3
5. How often do you log in on Facebook?
Valid
Cumulative
Percent
50,0
Frequency
8
Percent
50,0
Valid Percent
50,0
Several time per day
6
37,5
37,5
87,5
Several times per week
2
12,5
12,5
100,0
16
100,0
100,0
One time per day
Total
6. Do you feel that Facebook is an important part of your life?
Valid
N
Y
Total
Frequency
12
Percent
75,0
Valid Percent
75,0
Cumulative
Percent
75,0
100,0
4
25,0
25,0
16
100,0
100,0
12. How many other similar services are you registered to in addition to Facebook?
Valid
Cumulative
Percent
0
Frequency
2
Percent
12,5
Valid Percent
12,5
1
8
50,0
50,0
2-3
5
31,3
31,3
93,8
4-5
1
6,3
6,3
100,0
16
100,0
100,0
Total
A-6
12,5
62,5
13. Which mobile devices do you own? [Mobile phone]
Valid
Y
Frequency
16
Percent
100,0
Valid Percent
100,0
Cumulative
Percent
100,0
13. Which mobile devices do you own? [Laptop]
Frequency
6
Percent
37,5
Valid Percent
37,5
Cumulative
Percent
37,5
Y
10
62,5
62,5
100,0
Total
16
100,0
100,0
Valid
13. Which mobile devices do you own? [PDA]
Valid
Y
Total
Frequency
15
Percent
93,8
Valid Percent
93,8
Cumulative
Percent
93,8
1
6,3
6,3
100,0
16
100,0
100,0
13. Which mobile devices do you own? [mp3-player (iPod etc)]
Valid
Y
Frequency
16
Percent
100,0
Valid Percent
100,0
Cumulative
Percent
100,0
13. Which mobile devices do you own? [Others]
Frequency
12
Valid
Y
Total
Percent
75,0
Valid Percent
75,0
Cumulative
Percent
75,0
100,0
4
25,0
25,0
16
100,0
100,0
13. Which mobile devices do you own? [None]
Frequency
16
Valid
Percent
100,0
Valid Percent
100,0
Cumulative
Percent
100,0
14. Have you participated in the testing of the systems and received an iPod?
Valid
Percent
12,5
Valid Percent
12,5
Cumulative
Percent
12,5
100,0
N
Frequency
2
Y
14
87,5
87,5
Total
16
100,0
100,0
A-7
15. How much have you used the iPod you received?
Valid
Cumulative
Percent
Frequency
2
Percent
12,5
Valid Percent
12,5
Fairly much
2
12,5
12,5
A lot
6
37,5
37,5
62,5
Couple of times
6
37,5
37,5
100,0
16
100,0
100,0
.
Total
12,5
25,0
16. How much have you used the iPod at the following places? [At home]
Valid
1
Percent
18,8
Valid Percent
21,4
3
4
25,0
28,6
4
6
37,5
42,9
92,9
5
1
6,3
7,1
100,0
14
87,5
100,0
Total
Missing
Cumulative
Percent
Frequency
3
System
Total
2
12,5
16
100,0
21,4
50,0
16. How much have you used the iPod at the following places? [At school]
Valid
1
Percent
12,5
Valid Percent
14,3
2
5
31,3
35,7
3
5
31,3
35,7
85,7
4
2
12,5
14,3
100,0
14
87,5
100,0
2
12,5
16
100,0
Total
Missing
Cumulative
Percent
Frequency
2
System
Total
14,3
50,0
16. How much have you used the iPod at the following places? [Other places]
Valid
1
Percent
12,5
Valid Percent
14,3
2
5
31,3
35,7
50,0
3
1
6,3
7,1
57,1
4
2
12,5
14,3
71,4
5
4
25,0
28,6
100,0
14
87,5
100,0
2
12,5
16
100,0
Total
Missing
Total
Cumulative
Percent
Frequency
2
System
A-8
14,3
17. How much have you used the iPod to do the following activities? [Listen to music]
Valid
1
Percent
6,3
Valid Percent
7,1
3
1
6,3
7,1
4
4
25,0
28,6
42,9
5
8
50,0
57,1
100,0
14
87,5
100,0
2
12,5
16
100,0
Total
Missing
Cumulative
Percent
Frequency
1
System
Total
7,1
14,3
17. How much have you used the iPod to do the following activities? [Watch saved videos]
Valid
1
Percent
50,0
Valid Percent
57,1
2
1
6,3
7,1
64,3
4
5
31,3
35,7
100,0
14
87,5
100,0
2
12,5
16
100,0
Total
Missing
Cumulative
Percent
Frequency
8
System
Total
57,1
17. How much have you used the iPod to do the following activities? [Surf the Web]
Valid
1
Frequency
1
Percent
6,3
Valid Percent
7,1
Cumulative
Percent
7,1
2
5
31,3
35,7
42,9
3
4
25,0
28,6
71,4
4
2
12,5
14,3
85,7
5
2
12,5
14,3
100,0
14
87,5
100,0
2
12,5
16
100,0
Total
Missing
System
Total
17. How much have you used the iPod to do the following activities? [Be at YouTube]
Valid
1
Percent
31,3
Valid Percent
35,7
2
6
37,5
42,9
4
2
12,5
14,3
92,9
5
1
6,3
7,1
100,0
14
87,5
100,0
Total
Missing
Total
Cumulative
Percent
Frequency
5
System
2
12,5
16
100,0
A-9
35,7
78,6
17. How much have you used the iPod to do the following activities? [Use The FriendRadar]
Valid
1
Percent
43,8
Valid Percent
50,0
2
5
31,3
35,7
85,7
2
12,5
14,3
100,0
14
87,5
100,0
3
Total
Missing
Cumulative
Percent
Frequency
7
System
Total
2
12,5
16
100,0
50,0
17. How much have you used the iPod to do the following activities? [Use @school]
Valid
1
Frequency
11
Percent
68,8
Valid Percent
78,6
Cumulative
Percent
78,6
2
1
6,3
7,1
85,7
3
1
6,3
7,1
92,9
5
1
6,3
7,1
100,0
14
87,5
100,0
2
12,5
16
100,0
Total
Missing
System
Total
17. How much have you used the iPod to do the following activities? [Other things]
Valid
1
2
1
6,3
7,1
85,7
4
2
12,5
14,3
100,0
14
87,5
100,0
2
12,5
16
100,0
Total
Missing
System
Total
Percent
68,8
Valid Percent
78,6
Cumulative
Percent
78,6
Frequency
11
18. How difficult do you think it was to perform the following tasks? [Connect to Wireless Internet]
Valid
Percent
25,0
Valid Percent
28,6
Easy
3
18,8
21,4
50,0
Medium
3
18,8
21,4
71,4
Difficult
2
12,5
14,3
85,7
Very difficult
2
12,5
14,3
100,0
14
87,5
100,0
2
12,5
16
100,0
Very easy
Total
Missing
Total
Cumulative
Percent
Frequency
4
System
A-10
28,6
18. How difficult do you think it was to perform the following tasks? [Surf the Web]
Valid
Percent
25,0
Valid Percent
28,6
Easy
3
18,8
21,4
50,0
Medium
3
18,8
21,4
71,4
Difficult
1
6,3
7,1
78,6
Very difficult
3
18,8
21,4
100,0
14
87,5
100,0
Very easy
Total
Missing
Cumulative
Percent
Frequency
4
System
Total
2
12,5
16
100,0
28,6
18. How difficult do you think it was to perform the following tasks? [Upload music]
Valid
Frequency
8
Percent
50,0
Valid Percent
57,1
Cumulative
Percent
57,1
Easy
2
12,5
14,3
71,4
Difficult
2
12,5
14,3
85,7
Very difficult
2
12,5
14,3
100,0
14
87,5
100,0
2
12,5
16
100,0
Very easy
Total
Missing
System
Total
19. How many times have you tried to connect to Wireless Trondheim with the iPod?
Valid
Missing
2-3
Frequency
1
Percent
6,3
Valid Percent
7,1
Cumulative
Percent
7,1
4-5
5
31,3
35,7
42,9
6-10
6
37,5
42,9
85,7
11-20
2
12,5
14,3
100,0
Total
14
87,5
100,0
System
Total
2
12,5
16
100,0
20. How many times have you managed to connect to Wireless Trondheim with the iPod?
Valid
Missing
Total
0
Frequency
4
Percent
25,0
Valid Percent
28,6
Cumulative
Percent
28,6
1
2
12,5
14,3
42,9
2-3
7
43,8
50,0
92,9
6-10
1
6,3
7,1
100,0
Total
14
87,5
100,0
2
12,5
16
100,0
System
A-11
21. Do you feel that the coverage of Wireless Trondheim was good enough to use in practice?
Valid
No
Don’t know
Total
Frequency
13
Percent
81,3
Valid Percent
81,3
3
18,8
18,8
16
100,0
100,0
Cumulative
Percent
81,3
100,0
22. How many times have logged in to The FriendRadar from the iPod during the test period?
Valid
0
Percent
31,3
Valid Percent
35,7
1
2
12,5
14,3
2-3
4
25,0
28,6
78,6
4-5
3
18,8
21,4
100,0
14
87,5
100,0
2
12,5
16
100,0
Total
Missing
Cumulative
Percent
Frequency
5
System
Total
35,7
50,0
23. How many times have you logged to The FriendRadar from a regular computer during the the test period?
Valid
Missing
Cumulative
Percent
0
Frequency
2
Percent
12,5
Valid Percent
14,3
1
5
31,3
35,7
50,0
2-3
5
31,3
35,7
85,7
4-5
1
6,3
7,1
92,9
6-10
1
6,3
7,1
100,0
Total
14
87,5
100,0
2
12,5
16
100,0
System
Total
14,3
24. Would you have used the system more or less if you could have seen your friend's location even if you was
not connected to Wireless Trondheim yourself?
Valid
Cumulative
Percent
Frequency
2
Percent
12,5
Valid Percent
12,5
The same
9
56,3
56,3
68,8
More
5
31,3
31,3
100,0
Total
16
100,0
100,0
.
12,5
25. How many friends did you have at The FriendRadar?
Valid
Frequency
2
Percent
12,5
Valid Percent
14,3
Cumulative
Percent
14,3
4-6
2
12,5
14,3
28,6
7-10
5
31,3
35,7
64,3
11-15
4
25,0
28,6
92,9
15+
1
6,3
7,1
100,0
Total
14
87,5
100,0
0
A-12
Missing
System
Total
2
12,5
16
100,0
26. Have you logged in to The FriendRadar with the intention to check where your friends were located?
Cumulative
Percent
12,5
Frequency
2
Percent
12,5
Valid Percent
12,5
N
8
50,0
50,0
62,5
Y
6
37,5
37,5
100,0
16
100,0
100,0
Valid
Total
27. How many times have you logged in to The FriendRadar with the intention to check where your friends were
located?
Valid
1
Percent
12,5
Valid Percent
33,3
2
3
18,8
50,0
83,3
5
1
6,3
16,7
100,0
100,0
Total
Missing
Cumulative
Percent
33,3
Frequency
2
System
Total
6
37,5
10
62,5
16
100,0
29. How many times have you tried to find yourself on the map in The FriendRadar?
Valid
0
Frequency
9
Percent
56,3
Valid Percent
64,3
1
5
31,3
35,7
14
87,5
100,0
2
12,5
16
100,0
Total
Missing
System
Total
Cumulative
Percent
64,3
100,0
30. How many times have you found yourself on the map in The FriendRadar?
Valid
0
Percent
68,8
Valid Percent
78,6
1
2
12,5
14,3
92,9
3
1
6,3
7,1
100,0
14
87,5
100,0
2
12,5
16
100,0
Total
Missing
Cumulative
Percent
Frequency
11
System
Total
78,6
31. Have you ever found any of your friends on the map in The FriendRadar?
Cumulative
Percent
12,5
Frequency
2
Percent
12,5
Valid Percent
12,5
N
9
56,3
56,3
68,8
Y
5
31,3
31,3
100,0
16
100,0
100,0
Valid
Total
A-13
32. How many times have you found some of your friends on the map in The FriendRadar?
Valid
Missing
Cumulative
Percent
1
Frequency
3
Percent
18,8
Valid Percent
60,0
2
1
6,3
20,0
80,0
6
1
6,3
20,0
100,0
Total
5
31,3
100,0
System
Total
11
68,8
16
100,0
60,0
33. Have you ever tried to look up (physically) any of the friends that you have found on The FriendRadar?
Cumulative
Percent
68,8
Frequency
11
Percent
68,8
Valid Percent
68,8
N
3
18,8
18,8
87,5
Y
2
12,5
12,5
100,0
16
100,0
100,0
Valid
Total
34. How many times have you tried to look up (physically) any of the friends that you have found on The
FriendRadar?
Valid
Missing
Cumulative
Percent
50,0
100,0
1
5
1
6,3
50,0
Total
2
12,5
100,0
System
Total
Percent
6,3
Valid Percent
50,0
Frequency
1
14
87,5
16
100,0
35. Have you ever found (physically) some of the friend you tried to look up?
Cumulative
Percent
87,5
Frequency
14
Percent
87,5
Valid Percent
87,5
N
1
6,3
6,3
93,8
Y
1
6,3
6,3
100,0
16
100,0
100,0
Valid
Total
36. How many times have you found (physically) some of the friends you have tried to look up?
Valid
1
Missing
System
Total
Frequency
1
Percent
6,3
15
93,8
16
100,0
Valid Percent
100,0
A-14
Cumulative
Percent
100,0
40. Do you feel that the iPod combined with The FriendRadar's positioning-functionality has disturbed your own
private life?
Frequency
2
Valid
Percent
12,5
Valid Percent
12,5
Cumulative
Percent
12,5
100,0
N
14
87,5
87,5
Total
16
100,0
100,0
41. Have you ever behaved in different way when you have used the iPod in Wireless Trondheim than you would
have done without the iPod, because you knew that all your friends could see where in the city you where
located?
Frequency
2
Valid
Percent
12,5
Valid Percent
12,5
Cumulative
Percent
12,5
100,0
N
14
87,5
87,5
Total
16
100,0
100,0
43. How many times have you deliberately avoided connecting the iPod to Wireless Trondheim because you did
not want other to be able to locate you downtown with The FriendRadar?
Valid
0
Missing
System
Frequency
14
Percent
87,5
2
12,5
16
100,0
Total
Valid Percent
100,0
Cumulative
Percent
100,0
44. How many times have you left the iPod on a place where you were not, because you did not want it to show
your real location?
Valid
0
Missing
System
Frequency
14
Percent
87,5
2
12,5
16
100,0
Total
Valid Percent
100,0
Cumulative
Percent
100,0
45. If the system had the possibility to 'lie' on your location, would you have used this functionality?
Frequency
2
Percent
12,5
Valid Percent
12,5
Cumulative
Percent
12,5
Yes
2
12,5
12,5
25,0
No
6
37,5
37,5
62,5
Don’t know
6
37,5
37,5
100,0
16
100,0
100,0
Valid
Total
46. Was it some friend that you did not allow to see you on the map?
Frequency
2
Valid
Percent
12,5
Valid Percent
12,5
Cumulative
Percent
12,5
100,0
No
14
87,5
87,5
Total
16
100,0
100,0
A-15
47. Were you ever afraid of that the system administrator or others would use your location or other information
about you that was saved in The FriendRadar to something you did not know about?
Cumulative
Percent
12,5
Frequency
2
Percent
12,5
Valid Percent
12,5
N
13
81,3
81,3
93,8
Y
1
6,3
6,3
100,0
16
100,0
100,0
Valid
Total
49. Have you ever sent a message through The FriendRadar?
Cumulative
Percent
Frequency
2
Percent
12,5
Valid Percent
12,5
N
8
50,0
50,0
62,5
Y
6
37,5
37,5
100,0
16
100,0
100,0
Valid
Total
12,5
50. Would you use a similar system as The FriendRadar if it was put on the market, and all the shortcomings of
the system and the positioning was fixed?
Valid
N
Frequency
3
Percent
18,8
Y
13
81,3
81,3
Total
16
100,0
100,0
Cumulative
Percent
Valid Percent
18,8
18,8
100,0
53. Would you use The FriendRadar more or less if you could be located everywhere independent on which
network you was connected to?
Valid
Frequency
2
Percent
12,5
Valid Percent
12,5
Cumulative
Percent
12,5
The same
7
43,8
43,8
56,3
More
6
37,5
37,5
93,8
Less
1
6,3
6,3
100,0
Total
16
100,0
100,0
.
54. f you had been located anywhere, would you allow the same friends to see you at the map as you did in The
FriendRadar?
Cumulative
Percent
Frequency
2
Percent
12,5
Valid Percent
12,5
Fewer
7
43,8
43,8
56,3
Yes
7
43,8
43,8
100,0
Total
16
100,0
100,0
Valid
A-16
12,5
55. If you had been located anywhere, do you think that you would have used a 'lie' functionality as mentioned
earlier?
Cumulative
Percent
12,5
Frequency
2
Percent
12,5
Valid Percent
12,5
Yes
11
68,8
68,8
81,3
No
3
18,8
18,8
100,0
16
100,0
100,0
Valid
Total
56. If you had been located anywhere and it had been possible to turn the system off, would you have used this
turn-off functionality?
Valid
Frequency
2
Percent
12,5
Valid Percent
12,5
Cumulative
Percent
12,5
13
81,3
81,3
93,8
100,0
Yes
No
1
6,3
6,3
Total
16
100,0
100,0
57. If you imagine that you could choose between a system that are very similar to MSN and where you could be
located anywhere, and a system that is very similar to Facebook and where you could be located anywhere,
which system would you choose?
Valid
Frequency
7
Percent
43,8
Valid Percent
43,8
MSN
9
56,3
56,3
Total
16
100,0
100,0
Facebook
Cumulative
Percent
43,8
100,0
58. Would you have used one of the systems mentioned above if it was not possible to turn off the positioningfunctionality?
Valid
Cumulative
Percent
12,5
Frequency
2
Percent
12,5
Valid Percent
12,5
Maybe
9
56,3
56,3
68,8
No
5
31,3
31,3
100,0
16
100,0
100,0
Yes
Total
59. Would you have used one of the systems mentioned above if it was possible to turn off the positioningfunctionality?
Valid
Yes
Maybe
Total
Frequency
11
Percent
68,8
Valid Percent
68,8
Cumulative
Percent
68,8
5
31,3
31,3
100,0
16
100,0
100,0
A-17
A-18
Appendix B - The interview template
Introduce yourself.
Why interview?
Is it OK if the interview is recorded?
Thanks for participating in the interview. You are completely anonymous. Your name will not be
mentioned anywhere. If there are any questions that you don’t want to answer, just say so. Some
questions may be difficult to answer. Just remember that there is no correct or wrong answer, I just
want your opinion, and just try to answer as well as you can. You can interrupt me at any time, and
ask for clarification in the questions.
Date:
Gender:
Did you answer the
questionnaire?
iPod
1: Did you receive an iPod??
2. Did you use it a lot??
How much?
Where did you use it?
Yes: for what? No: Why not?
3: What do you think about the iPod??
4: Was it easy to connect to wireless network with the iPod? Substantiate.
5: Was it easy to connect to Wireless Trondheim with the iPod? Substantiate.
6: Was it easy to use the web browser at the iPod? Substantiate.
B-1
7: Do you think that the iPod was a suitable device to use The FriendRadar on? Why/why not?
Compared to a mobile phone?
FACEBOOK -- MSN
8: Do you have a profile on Facebook??
9: For how long?
10. Why did you register a profile on Facebook??
11. How often do you use it??
12: How many friends?
13: What do you use Facebook for? What is good, what is bad??
14: Any thoughts of protection of your personal privacy on Facebook?
15: Do you use MSN? How much?
16. Do you have most contacts/friends on MSN or Facebook? Do you have the same friends in the
both systems?
17. What is most important for you, Facebook or MSN? Why?
18. Are you registered in other social services on internet? MySpace, Nettby, Blink, Friendster,
LinkedIn etc.
B-2
THE FRIEND RADAR
19. How often did you log into The FriendRadar?
From iPod:
From another computer:
20. Hoe many friends did you have? Why was they your friends? Did you know everyone?
21. What do you think about The FriendRadar?
22: have you any impression about what you classmates think about The FriendRadar?
23. Did you ever manage to log in to the system while you were connected to Wireless Trondheim,
such as you found yourself on the map? How many times?
24: Was it any time that you thought that you wanted to check your friends’ location with The
FriendRadar? Did you do it? Why/why not?
25: Did you ever locate any of your friends on the map? In what situation? Where was they? Did
you try to find them? Why/why not?
26: Did you do something you normally would not have done, or avoided doing something you
normally would, because you was connected to Wireless Trondheim and knew that your friends
could see your location?
27: Did you send messages in the system? Why/why not?
28. Do you generally feel that the system ever disturbed you private life?
29. Was it any functionality that you missed in The FriendRadar?
Mention the following things if no answer:
- Share pictures and video
- Link pictures with location on map
B-3
-
The system logs the users’ last observed position (with timestamp)
Something else?
30. What do you think about the following functionality in The FriendRadar?
- Choose if you want your location to be shown on the map or not
- That it is only possible to see others location when you can be located yourself
31. Would it be useful with the following functionality?
- Group your friends with different privacy settings on map and etcetera.
- That you get notice if localised by others
- Lie about your location
32. If The FriendRadar had been put on the market, with connection to Wireless Trondheim, as it is
today. Would you have used it? Why/why not?
33. If The FriendRadar was put on the market, and all the problems with Wireless Trondheim was
fixed, would you use it? If you was localised anywhere at anytime? How many friends would you
have in such a system?
FUTURE SYSTEM
34. If you imagine a system where you can locate your friends. Would you choose a system that is
similar to Facebook or similar to MSN?
34.1 What do you think of the concept behind such a system?
35. When you further imagine this system, would you prefer your friends to be localised on a map,
that you only would know if they were nearby or would you want that they could write their
current location such as the locations was remembered by the system and automatically connected
to the location next time?
36. Would you have fewer or more friends in such a system, than you have for instance on MSN or
Facebook?
B-4
37. Imagine that the system could locate you (your phone or mp3 player) anywhere and anytime,
independent on network connection? Do you think that this kind of system would disturb your
private life? Why/why not?
38. Would you rather have, or not have, the following functionality if the system could locate you
everywhere and anytime? If yes, how important had the following functionality been? Why?
-Possible to turn off the positioning functionality
-Choose personal settings and map granularity for each friend
-That the users only has the opportunity to see other location when they themselves can be located
-Group you friends with different privacy settings on each group
-That you get notice when other users locates you
-That you only can locate friends, that have approved that you can locate them
-That you can lie about your own location (say that you are downtown, when you actually are at
home for instance)
39. What do you think about such concept/system if all privacy mechansims you want are
achieved?
40. Would you be willing to pay for such a system?
41. is there anything else you would like to say about the system or the experiment?
Thank you for the help! This is of great use for me.
B-5
B-6
Appendix C – The FriendRadar user manual
First time you use the system
The address to The FriendRadar is http://vr.idi.ntnu.no/vr. Write this in a web browser (either on
the iPod or another computer). At the iPod the browser is Safari that you will find as an icon in the
main menu. Then you will get up a login screen. Turn the iPod you have received, and you will se a
sticker with a NTNU logo. On the sticker there is a code in the form 6310-0811-Axx, where xx
represents two numbers. Login to the web page by using the three last characters of this code as
nickname, in other words: Axx. If it say A15, use A15 as nickname. Write in ‘passord’ in the
password field, which is the standard password. Now you’re logged in. The first thing you should
do is to edit your profile by choosing edit profile on the profile page. It is important to remember to
change you password. Now your profile is ready, and you can start connecting with friends.
Friend settings
When you ask someone if they want to be your friend, or if you get a friend request you will be
asked to choose a map setting towards your friend. If both you and your friend choose to be viewed
on the map, can you see your friend in the map if he or she is inside the coverage area of Wireless
Trondheim. The same thing is valid for your friend. If you choose that the friend can not see you on
the map, the friend can’t localise you on the map; just see your colour code on the friend list. The
same thing is counts for you toward this friend. If you don’t want to show on the map, then you
can’t see your friend on the map either.
Connect to Wireless Trondheim
For the system to be able to know your location, and for you to be able to localise others, you have
to connect your iPod to Wireless Trondheim. You do this by choosing Settings in the main menu of
the iPod. Then you push the topmost menu choice (Wi-Fi). Then a list over the available networks
appears. Here you choose Wireless Trondheim. You are now connected to the network. Then you
have to authenticate you on the webpage of Wireless Trondheim. Here you use the username and
password you got as a gymnasium pupil in Trondheim.
Find your friends in the city
If you are connected to Wireless Trondheim, you can log in to The FriendRadar to find you friends.
When you have logged in, you choose map in the top menu and all your friends that currently are
connected to Wireless Trondheim is placed on the map together wit yourself. You can also choose
one and one user in the left menu to localise only this person.
The colour codes in the friend list
The friends in the friend list in the left menu can have a background in three different colours:
green, yellow or red. The background is red if the user is not connected to Wireless Trondheim,
because he is either outside the coverage area or not connected to the network. Users can be
localised without being logged in on the webpage, as long as they are connected to Wireless
Trondheim. If you are not connected to Wireless Trondheim yourself, all the users get a red
background regardless if they are connected to Wireless Trondheim or not. If a friend has a yellow
background it means that the friend is connected to Wireless Trondheim, but is located more that
200 metres from you current location. If the friend has a green background, it means that the friend
is closer than 200 metres from you current location.
C-1
Common mistakes
The map will not be updated: You have to update the map yourself by choosing map in the top
menu or by choosing ’Update map’.
I can’t see my friend on the map, even though they are located right next to me: If there are
several users at the same spot, the markers can be on top of each other on the map, such as they get
difficult to see. This can be solved by zooming the map, or choosing to view one friend at the time.
I can’t upload a picture of myself: Pictures can only be uploaded from an ordinary computer and
not from the iPod. The picture should be less than 100 kilobytes.
I can’t get localised even if I am connected to Wireless Trondheim: Try to log in to The
FriendRadar again. If this doesn’t help, contact Per Anton Gransæther on e-mail
([email protected]).
Other errors
Report errors to Per Anton Gransæther on e-mail: [email protected] or phone: 93047053.
Have fun!
C-2

Top types

Top brands

Top types

Top brands

Top types

Top brands

Top types

Top brands

Top types

Top brands

Top types

Top brands

Top types

Top brands

Top types

Top brands

Top types

Top brands

Top types

Top brands

Top types

Top brands

Top types

Top brands

Top types

Top brands

Download Icon - To Daim